Added support for rsyslog server

2011-10-05 11:44:08 +03:00 · 2011-10-05 11:44:08 +03:00 · e40a51186d
commit e40a51186d
parent da6f4df080
2 changed files with 65 additions and 9 deletions
--- a/syslog/manifests/init.pp
+++ b/syslog/manifests/init.pp
@ -124,7 +124,7 @@ class syslog::client::rsyslog {
 }


-# Install standalone syslog client
+# Common configuration for standalone syslog client and server
 #
 # === Global variables:
 #
@ -139,11 +139,16 @@ class syslog::client::rsyslog {
 #       Group name which has permissions to read logs. Defaults to
 #       wheel or root depending on operating system.
 #
-class syslog::standalone {
+class syslog::standalone::common {

    if !$syslog_type {
        case $operatingsystem {
-            "centos": { $syslog_type = "syslogd" }
+            "centos": {
+                $syslog_type = $operatingsystemrelease ? {
+                    /^6/    => "rsyslog",
+                    default => "syslogd",
+                }
+            }
            "fedora": { $syslog_type = "rsyslog" }
            "openbsd": { $syslog_type = "syslogd" }
            "ubuntu": { $syslog_type = "rsyslog" }
@ -217,12 +222,6 @@ class syslog::standalone {
        require => File["/usr/local/sbin/logarchiver.sh"],
    }

-    case $syslog_type {
-        "syslogd": { include syslog::standalone::syslogd }
-        "rsyslog": { include syslog::standalone::rsyslog }
-        default: { fail("Unknown \$syslog_type '$syslog_type'") }
-    }
-
    if "${selinux}" == "true" {
        selinux::manage_fcontext { "/srv/log(/all\.log)?":
            type   => "var_log_t",
@ -239,6 +238,19 @@ class syslog::standalone {
 }


+# Install standalone syslog host.
+#
+class syslog::standalone inherits syslog::standalone::common {
+
+    case $syslog_type {
+        "syslogd": { include syslog::standalone::syslogd }
+        "rsyslog": { include syslog::standalone::rsyslog }
+        default: { fail("Unknown \$syslog_type '$syslog_type'") }
+    }
+
+}
+
+
 # Install standalone syslog host using syslogd.
 #
 class syslog::standalone::syslogd inherits syslog::client::syslogd {
@ -267,3 +279,31 @@ class syslog::standalone::rsyslog inherits syslog::client::rsyslog {

 }

+
+# Install syslog server.
+#
+class syslog::server inherits syslog::standalone::common {
+
+    case $syslog_type {
+        "syslogd": { fail("Server for \$syslog_type '$syslog_type' not yet supported.") }
+        "rsyslog": { include syslog::server::rsyslog }
+        default: { fail("Unknown \$syslog_type '$syslog_type'") }
+    }
+
+}
+
+
+# Install syslog server using rsyslog.
+#
+class syslog::server::rsyslog inherits syslog::client::rsyslog {
+
+    File["/etc/rsyslog.conf"] {
+        content => template("syslog/rsyslog.conf.erb",
+                            "syslog/rsyslog.conf.server.erb",
+                            "syslog/syslog.conf.$operatingsystem.erb",
+                            "syslog/syslog.conf.server.erb"),
+        require => [ File["/srv/log"],
+                     File["/var/log/all.log"], ],
+    }
+
+}
--- a/syslog/templates/rsyslog.conf.server.erb
+++ b/syslog/templates/rsyslog.conf.server.erb
@ -0,0 +1,16 @@
+# Provides UDP syslog reception
+$ModLoad imudp.so
+$UDPServerRun 514
+
+# Provides TCP syslog reception with TLS
+$ModLoad imtcp.so
+
+$DefaultNetstreamDriver gtls
+$DefaultNetstreamDriverCAFile <%= puppet_ssldir %>/certs/ca.pem
+$DefaultNetstreamDriverCertFile <%= puppet_ssldir %>/certs/<%= homename %>.pem
+$DefaultNetstreamDriverKeyFile <%= puppet_ssldir %>/private_keys/<%= homename %>.pem
+
+$InputTCPServerStreamDriverMode 1
+$InputTCPServerStreamDriverAuthMode x509/certvalid
+$InputTCPServerRun 514
+