diff --git a/syslog/manifests/init.pp b/syslog/manifests/init.pp index bff2552..680c036 100644 --- a/syslog/manifests/init.pp +++ b/syslog/manifests/init.pp @@ -378,7 +378,7 @@ class syslog::standalone::rsyslog inherits syslog::client::rsyslog { class syslog::server inherits syslog::common::standalone { case $syslog_type { - "syslogd": { fail("Server for \$syslog_type '$syslog_type' not yet supported.") } + "syslogd": { include syslog::server::syslogd } "rsyslog": { include syslog::server::rsyslog } default: { fail("Unknown \$syslog_type '$syslog_type'") } } @@ -386,6 +386,48 @@ class syslog::server inherits syslog::common::standalone { } +class syslog::server::syslogd inherits syslog::client::syslogd { + + if $::operatingsystem != "OpenBSD" { + fail("syslog::server::syslogd not supported on ${::operatingsystem}") + } + if versioncmp($::operatingsystemrelease, "5.9") < 0 { + fail("syslog::server::syslogd supported only on OpenBSD 5.9 and newer") + } + + file { "/etc/ssl/private/0.0.0.0:514.key": + ensure => present, + source => "${::puppet_ssldir}/private_keys/${::homename}.pem", + mode => "0600", + owner => "root", + group => "wheel", + notify => Service["syslogd"], + } + file { "/etc/ssl/0.0.0.0:514.crt": + ensure => present, + source => "${::puppet_ssldir}/certs/${::homename}.pem", + mode => "0644", + owner => "root", + group => "wheel", + notify => Service["syslogd"], + } + + File["/etc/syslog.conf"] { + content => template("syslog/syslog.conf.server.erb", + "syslog/syslog.conf.$operatingsystem.erb"), + require => [ File["/srv/log"], + File["/var/log/all.log"], ], + } + + Service["syslogd"] { + ensure => running, + enable => true, + flags => "${service_flags} -u -S 0.0.0.0:514 -C ${::puppet_ssldir}/certs/ca.pem", + } + +} + + # Install syslog server using rsyslog. # class syslog::server::rsyslog inherits syslog::client::rsyslog {