Initial version of syslog module.

2011-08-01 10:47:50 +03:00 · 2011-08-01 10:47:50 +03:00 · f8d8abe1ae
commit f8d8abe1ae
parent 90312c8d28
6 changed files with 200 additions and 0 deletions
--- a/syslog/manifests/init.pp
+++ b/syslog/manifests/init.pp
@ -0,0 +1,109 @@
+
+# Install syslog client
+#
+# === Global variables:
+#
+#   $syslog_type:
+#       Syslog type to use. Valid values are syslogd and rsyslog.
+#       Default depends on operating system.
+#
+#   $syslog_server:
+#       Address of remote syslog server where to send logs.
+#
+class syslog::client {
+
+    if !$syslog_type {
+        case $operatingsystem {
+            "centos": { $syslog_type = "syslogd" }
+            "fedora": { $syslog_type = "rsyslog" }
+            "openbsd": { $syslog_type = "syslogd" }
+        }
+    }
+
+    case $syslog_type {
+        "syslogd": { include syslog::client::syslogd }
+        "rsyslog": { include syslog::client::rsyslog }
+        default: { fail("Unknown \$syslog_type '$syslog_type'") }
+    }
+
+}
+
+
+# Install syslog client using syslogd
+#
+class syslog::client::syslogd {
+
+    if $operatingsystem != "OpenBSD" {
+        package { "syslogd":
+            name   => "sysklogd",
+            ensure => installed,
+            before => File["/etc/syslog.conf"],
+        }
+    }
+
+    file { "/etc/syslog.conf":
+        ensure  => present,
+        content => template("syslog/syslog.conf.$operatingsystem.erb",
+                            "syslog/syslog.conf.client.erb"),
+        mode    => 0644,
+        owner   => "root",
+        group   => $operatingsystem ? {
+            "openbsd" => "wheel",
+            default   => "root",
+        },
+        notify  => Service["syslogd"],
+    }
+
+    service { "syslogd":
+        name    => $operatingsystem ? {
+            "openbsd" => "syslogd",
+            default   => "syslog",
+        },
+        ensure  => running,
+        enable  => true,
+        start   => $operatingsystem ? {
+            "openbsd" => "syslogd -a /var/www/dev/log -a /var/named/dev/log -a /var/empty/dev/log",
+            default   => undef,
+        },
+        restart => $operatingsystem ? {
+            "openbsd" => "pkill -HUP -u _syslogd",
+            default   => undef,
+        },
+    }
+
+}
+
+
+# Install syslog client using rsyslog.
+#
+class syslog::client::rsyslog {
+
+    package { "rsyslog":
+        ensure => installed,
+    }
+
+    file { "/etc/rsyslog.conf":
+        ensure  => present,
+        content => template("syslog/rsyslog.conf.erb",
+                            "syslog/syslog.conf.$operatingsystem.erb",
+                            "syslog/syslog.conf.client.erb"),
+        mode    => 0644,
+        owner   => "root",
+        group   => $operatingsystem ? {
+            "openbsd" => "wheel",
+            default   => "root",
+        },
+        require => Package["rsyslog"],
+        notify  => Service["rsyslog"],
+    }
+
+    service { "rsyslog":
+        ensure => running,
+        enable => true,
+        start  => $operatingsystem ? {
+            "openbsd" => "pkill syslogd ; /usr/local/sbin/rsyslogd -c 4 -x -i /var/run/syslog.pid",
+            default   => undef,
+        },
+    }
+
+}
--- a/syslog/templates/rsyslog.conf.erb
+++ b/syslog/templates/rsyslog.conf.erb
@ -0,0 +1,9 @@
+# Use traditional timestamp format
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+# provides --MARK-- message capability
+$ModLoad immark
+# Provides kernel logging support (previously done by rklogd)
+$ModLoad imklog
+# Provides support for local system logging (e.g. via logger command)
+$ModLoad imuxsock
--- a/syslog/templates/syslog.conf.CentOS.erb
+++ b/syslog/templates/syslog.conf.CentOS.erb
@ -0,0 +1,26 @@
+# Log all kernel messages to the console.
+# Logging much else clutters up the screen.
+#kern.*							/dev/console
+
+# Log anything (except mail) of level info or higher.
+# Don't log private authentication messages!
+*.info;mail.none;authpriv.none;cron.none		/var/log/messages
+
+# The authpriv file has restricted access.
+authpriv.*						/var/log/secure
+
+# Log all the mail messages in one place.
+mail.*							-/var/log/maillog
+
+
+# Log cron stuff
+cron.*							/var/log/cron
+
+# Everybody gets emergency messages
+*.emerg							*
+
+# Save news errors of level crit and higher in a special file.
+uucp,news.crit						/var/log/spooler
+
+# Save boot messages also to boot.log
+local7.*						/var/log/boot.log
--- a/syslog/templates/syslog.conf.Fedora.erb
+++ b/syslog/templates/syslog.conf.Fedora.erb
@ -0,0 +1,26 @@
+# Log all kernel messages to the console.
+# Logging much else clutters up the screen.
+#kern.*							/dev/console
+
+# Log anything (except mail) of level info or higher.
+# Don't log private authentication messages!
+*.info;mail.none;authpriv.none;cron.none		/var/log/messages
+
+# The authpriv file has restricted access.
+authpriv.*						/var/log/secure
+
+# Log all the mail messages in one place.
+mail.*							-/var/log/maillog
+
+
+# Log cron stuff
+cron.*							/var/log/cron
+
+# Everybody gets emergency messages
+*.emerg							*
+
+# Save news errors of level crit and higher in a special file.
+uucp,news.crit						/var/log/spooler
+
+# Save boot messages also to boot.log
+local7.*						/var/log/boot.log
--- a/syslog/templates/syslog.conf.OpenBSD.erb
+++ b/syslog/templates/syslog.conf.OpenBSD.erb
@ -0,0 +1,22 @@
+
+*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none	/var/log/messages
+kern.debug;syslog,user.info				/var/log/messages
+auth.info						/var/log/authlog
+authpriv.debug						/var/log/secure
+cron.info						/var/cron/log
+daemon.info						/var/log/daemon
+ftp.info						/var/log/xferlog
+lpr.debug						/var/log/lpd-errs
+mail.info						/var/log/maillog
+#uucp.info						/var/log/uucp
+
+# Uncomment this line to send "important" messages to the system
+# console: be aware that this could create lots of output.
+#*.err;auth.notice;authpriv.none;kern.debug;mail.crit   /dev/console
+
+# Uncomment this to have all messages of notice level and higher
+# as well as all authentication messages sent to root.
+#*.notice;auth.debug                                    root
+
+# Everyone gets emergency messages.
+*.emerg                                                 *
--- a/syslog/templates/syslog.conf.client.erb
+++ b/syslog/templates/syslog.conf.client.erb
@ -0,0 +1,8 @@
+
+*.*		<% if operatingsystem != "OpenBSD" %>-<% end %>/var/log/all.log
+mark.*		<% if operatingsystem != "OpenBSD" %>-<% end %>/var/log/all.log
+
+<% if has_variable?('syslog_server') -%>
+*.*		@<%= syslog_server %>
+mark.*		@<%= syslog_server %>
+<% end -%>