Commit 38129b1b authored by Hans Persson's avatar Hans Persson

Split to separate files for autoloader.

parent 6eb79756
class syslog::central_server
{
include syslog::service
include rootuser
include syslog::vars
$osdist = "${::operatingsystem}-${::operatingsystemrelease}"
case $osdist
{
/^CentOS-6.[0-9]+$/: {
cfgfile::redhat::sysconfig {
'rsyslogd-options':
subsystem => 'rsyslog',
setting => 'SYSLOGD_OPTIONS',
value => '"-c5"',
notify => Service['rsyslog'];
}
file {
'/etc/rsyslog.conf':
content => template(
'syslog/rsyslog-el6.conf-logserver.erb'),
owner => 'root', group => 'root', mode => '0444',
notify => Service['rsyslog'];
}
$rsyslogd_pidfile = '/var/run/syslogd.pid'
}
default: {
fail("Don't know how to configure rsyslog on ${osdist}")
}
}
iptables {
'syslog-input':
ipfamily => ['ipv4','ipv6'], chain => 'INPUT',
saddr => $syslog::vars::allowed_clients,
proto => ['udp','tcp'], dport => 514,
target => 'ACCEPT';
}
fs::mount {
'/syslogs':
before => Class[syslog::service];
}
file {
'/syslogs/audit':
ensure => directory,
owner => 'root', group => 'root', mode => '0755',
before => Class[syslog::service];
'/etc/logrotate.d/logstream':
ensure => file,
owner => 'root', group => 'root', mode => '0444';
# Replaced by compress-auditlogs script run from cron.
'/etc/logrotate.d/auditstream':
ensure => absent;
}
# On Sunday mornings there will be triple SIGHUPs sent to rsyslogd, since
# the rotation of the normal logs in /var/log will also run then. Would
# be nice to avoid that, but that does not seem possible.
xaugeas {
'logrotate-logstream':
file => '/etc/logrotate.d/logstream', lens => 'Logrotate.lns',
changes => [
'rm *',
"set rule/file '/syslogs/logstream'",
"set rule/rotate '1'",
"set rule/compress 'nocompress'",
"set rule/schedule 'daily'",
"set rule/create/mode '644'",
"set rule/create/owner 'root'",
"set rule/create/group 'root'",
"set rule/missingok 'missingok'",
"set rule/postrotate '\t\t/bin/kill -HUP `/bin/cat ${rsyslogd_pidfile} 2>/dev/null` 2>/dev/null || true'",
],
require => File['/etc/logrotate.d/logstream'];
}
file {
"${rootuser::homedir}/bin/compress-syslogs.sh":
source => 'puppet:///modules/syslog/compress-syslogs.sh',
owner => 'root', group => 'root', mode => '0555';
"${rootuser::homedir}/bin/compress-auditlogs.sh":
source => 'puppet:///modules/syslog/compress-auditlogs.sh',
owner => 'root', group => 'root', mode => '0555';
}
# FIXME: If the syslog server happens to be down when this cron job
# runs, that particular month will never be compressed.
cron {
'compress-old-logs':
command => shellquote(
'/root/bin/compress-syslogs.sh', '-v', '3 months ago'),
month => '1-12', monthday => '3', weekday => '*',
hour => 5, minute => 20;
'compress-auditlogs':
command => shellquote('/root/bin/compress-auditlogs.sh'),
month => '*', monthday => '*', weekday => '*',
hour => 6, minute => 20;
}
}
# Configure node to send its system logs to the central syslog server.
#
# This will add an rsyslog fragment (to /etc/rsyslog.d) for sending logs
# to a log server. By default, UDP over IPv4 will be used to send all
# logs to the NSC central syslog server.
#
# The lookup of the logserver IP address is performed on the Puppet
# master. Thus, we need to specify whether IPv4 and/or IPv6 should be
# used, since the Puppet master might not have the same view of what IP
# families are useable as the client. If a node specifies both IPv4 and
# IPv6 (i.e, ipfamily=>['ipv4','ipv6'], one of them will be selected
# based on what the resolver library on the Puppet master thinks is best
# for *it*, not what's best for the node in question.
class syslog::client(
$logserver='syslog.nsc.liu.se',
$ipfamily='ipv4', # 'ipv4', 'ipv6' or ['ipv4','ipv6']
$protocol='udp', # udp, tcp or relp
$port=false, # Default: 514 for TCP/UDP, 2514 for RELP
$selector='*.*',
$format='RSYSLOG_ForwardFormat',
)
{
include syslog::service
$cfg_d_file = '/etc/rsyslog.d/log-to-logserver.conf'
$syslogaddrs = resolve_ipnets($logserver, $ipfamily, 'stable')
$protoprefix = $protocol ? {
'udp' => '@',
'tcp' => '@@',
'relp' => ':omrelp:',
default => fail("${title}: Bad protocol, ``${protocol}''"),
}
$xport = $port ? {
false => $protocol ? { 'relp' => ':2514', default => '' },
default => ":${port}",
}
$cfg_line = sprintf(
"%s\t\t%s[%s]%s;%s\n",
$selector, $protoprefix, $syslogaddrs[0], $xport, $format)
file {
$cfg_d_file:
ensure => file, owner => 'root', group => 'root', mode => '0444',
content => $cfg_line,
require => Package['rsyslog'],
notify => Service['rsyslog'];
}
}
class syslog::vars # This file intentionally left blank.
{
include nscnets
# We also take care of logs from NDGF.
$allowed_clients = [ $nscnets::all_public, $nscnets::network_management,
'bobo.ndgf.org' ]
}
# Add or remove $ModLoad directives from the rsyslog configuration.
define syslog::modload($ensure='present')
{
$modload_re = sprintf(
'^\$[Mm][Oo][Dd][Ll][Oo][Aa][Dd]\s+%s(\s*#.*)?$', $name
)
case $ensure
{
'present': {
ensure_line {
"syslog::modload::${name}":
file => '/etc/rsyslog.conf',
line => "\$ModLoad ${name}",
sufficient => $modload_re,
addhow => prepend,
require => Package['rsyslog'],
notify => Service['rsyslog'];
}
}
'absent': {
delete_lines {
"syslog::modload::${name}":
file => '/etc/rsyslog.conf',
pattern => $modload_re,
require => Package['rsyslog'],
notify => Service['rsyslog'];
}
}
default: {
fail("Syslog::Modload[${title}]:",
" Bad parameter ensure, \"${ensure}\"")
}
}
}
class syslog::service
{
package {
'rsyslog':
ensure => installed,
notify => Service['rsyslog'];
}
syslog::modload {
'imuxsock': ensure => present;
}
if $::initsystem == 'systemd' {
# Rsyslog should get kernel messages from journald instead of
# reading the kernel socket itself.
syslog::modload {
'imklog': ensure => absent;
'imjournal': ensure => present;
}
} else {
# But on non-systemd systems, it is of course the reverse.
syslog::modload {
'imklog': ensure => present;
'imjournal': ensure => absent;
}
}
service {
'rsyslog':
ensure => $::running, enable => true,
hasstatus => true, hasrestart => true;
}
}
# Configure node to send its system logs to the central syslog server.
#
# This will add an rsyslog fragment (to /etc/rsyslog.d) for sending logs
# to a log server. By default, UDP over IPv4 will be used to send all
# logs to the NSC central syslog server.
#
# The lookup of the logserver IP address is performed on the Puppet
# master. Thus, we need to specify whether IPv4 and/or IPv6 should be
# used, since the Puppet master might not have the same view of what IP
# families are useable as the client. If a node specifies both IPv4 and
# IPv6 (i.e, ipfamily=>['ipv4','ipv6'], one of them will be selected
# based on what the resolver library on the Puppet master thinks is best
# for *it*, not what's best for the node in question.
class syslog::client(
$logserver='syslog.nsc.liu.se',
$ipfamily='ipv4', # 'ipv4', 'ipv6' or ['ipv4','ipv6']
$protocol='udp', # udp, tcp or relp
$port=false, # Default: 514 for TCP/UDP, 2514 for RELP
$selector='*.*',
$format='RSYSLOG_ForwardFormat',
)
{
include syslog::service
$cfg_d_file = '/etc/rsyslog.d/log-to-logserver.conf'
$syslogaddrs = resolve_ipnets($logserver, $ipfamily, 'stable')
$protoprefix = $protocol ? {
'udp' => '@',
'tcp' => '@@',
'relp' => ':omrelp:',
default => fail("${title}: Bad protocol, ``${protocol}''"),
}
$xport = $port ? {
false => $protocol ? { 'relp' => ':2514', default => '' },
default => ":${port}",
}
$cfg_line = sprintf(
"%s\t\t%s[%s]%s;%s\n",
$selector, $protoprefix, $syslogaddrs[0], $xport, $format)
file {
$cfg_d_file:
ensure => file, owner => 'root', group => 'root', mode => '0444',
content => $cfg_line,
require => Package['rsyslog'],
notify => Service['rsyslog'];
}
}
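Review bot: `$syslogaddrs[0]` goes straight into `$cfg_line` with no check that `resolve_ipnets()` returned an address, so an empty lookup on the master may write a forwarding rule with an empty `[]` target and restart rsyslog with it. Whether `resolve_ipnets` itself aborts on an empty result is not visible here. A guard before the `sprintf`, such as `if ! $syslogaddrs[0] { fail("${title}: no address for ${logserver}") }`, would stop the catalog instead of deploying a dead rule. The header comment should also say that `$selector`, `$port` and `$format` are copied into the rule unvalidated, and that the rule as generated carries no encryption or sender authentication for any of the three protocols, with lossy `udp` as the default.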
class syslog::central_server
{
include syslog::service
include rootuser
include syslog::vars
$osdist = "${::operatingsystem}-${::operatingsystemrelease}"
case $osdist
{
/^CentOS-6.[0-9]+$/: {
cfgfile::redhat::sysconfig {
'rsyslogd-options':
subsystem => 'rsyslog',
setting => 'SYSLOGD_OPTIONS',
value => '"-c5"',
notify => Service['rsyslog'];
}
file {
'/etc/rsyslog.conf':
content => template(
'syslog/rsyslog-el6.conf-logserver.erb'),
owner => 'root', group => 'root', mode => '0444',
notify => Service['rsyslog'];
}
$rsyslogd_pidfile = '/var/run/syslogd.pid'
}
default: {
fail("Don't know how to configure rsyslog on ${osdist}")
}
}
iptables {
'syslog-input':
ipfamily => ['ipv4','ipv6'], chain => 'INPUT',
saddr => $syslog::vars::allowed_clients,
proto => ['udp','tcp'], dport => 514,
target => 'ACCEPT';
}
fs::mount {
'/syslogs':
before => Class[syslog::service];
}
file {
'/syslogs/audit':
ensure => directory,
owner => 'root', group => 'root', mode => '0755',
before => Class[syslog::service];
'/etc/logrotate.d/logstream':
ensure => file,
owner => 'root', group => 'root', mode => '0444';
# Replaced by compress-auditlogs script run from cron.
'/etc/logrotate.d/auditstream':
ensure => absent;
}
# On Sunday mornings there will be triple SIGHUPs sent to rsyslogd, since
# the rotation of the normal logs in /var/log will also run then. Would
# be nice to avoid that, but that does not seem possible.
xaugeas {
'logrotate-logstream':
file => '/etc/logrotate.d/logstream', lens => 'Logrotate.lns',
changes => [
'rm *',
"set rule/file '/syslogs/logstream'",
"set rule/rotate '1'",
"set rule/compress 'nocompress'",
"set rule/schedule 'daily'",
"set rule/create/mode '644'",
"set rule/create/owner 'root'",
"set rule/create/group 'root'",
"set rule/missingok 'missingok'",
"set rule/postrotate '\t\t/bin/kill -HUP `/bin/cat ${rsyslogd_pidfile} 2>/dev/null` 2>/dev/null || true'",
],
require => File['/etc/logrotate.d/logstream'];
}
file {
"${rootuser::homedir}/bin/compress-syslogs.sh":
source => 'puppet:///modules/syslog/compress-syslogs.sh',
owner => 'root', group => 'root', mode => '0555';
"${rootuser::homedir}/bin/compress-auditlogs.sh":
source => 'puppet:///modules/syslog/compress-auditlogs.sh',
owner => 'root', group => 'root', mode => '0555';
}
# FIXME: If the syslog server happens to be down when this cron job
# runs, that particular month will never be compressed.
cron {
'compress-old-logs':
command => shellquote(
'/root/bin/compress-syslogs.sh', '-v', '3 months ago'),
month => '1-12', monthday => '3', weekday => '*',
hour => 5, minute => 20;
'compress-auditlogs':
command => shellquote('/root/bin/compress-auditlogs.sh'),
month => '*', monthday => '*', weekday => '*',
hour => 6, minute => 20;
}
}
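Review bot: The two `cron` commands call `/root/bin/compress-syslogs.sh` and `/root/bin/compress-auditlogs.sh`, but the `file` resources just above install the scripts under `${rootuser::homedir}/bin`, so the jobs point at nothing if that directory is not `/root`. The jobs also have no `require` on the script files. Building the path from the same variable keeps them in step, e.g. `command => shellquote("${rootuser::homedir}/bin/compress-auditlogs.sh"),` with `require => File["${rootuser::homedir}/bin/compress-auditlogs.sh"]`. Separately, `set rule/create/mode '644'` and mode `0755` on `/syslogs/audit` leave the collected logs readable by any local account on the log server; `640` and `0750` would be tighter unless an unprivileged reader needs access, which this page does not show.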
# Add or remove $ModLoad directives from the rsyslog configuration.
define syslog::modload($ensure='present')
{
$modload_re = sprintf(
'^\$[Mm][Oo][Dd][Ll][Oo][Aa][Dd]\s+%s(\s*#.*)?$', $name
)
case $ensure
{
'present': {
ensure_line {
"syslog::modload::${name}":
file => '/etc/rsyslog.conf',
line => "\$ModLoad ${name}",
sufficient => $modload_re,
addhow => prepend,
require => Package['rsyslog'],
notify => Service['rsyslog'];
}
}
'absent': {
delete_lines {
"syslog::modload::${name}":
file => '/etc/rsyslog.conf',
pattern => $modload_re,
require => Package['rsyslog'],
notify => Service['rsyslog'];
}
}
default: {
fail("Syslog::Modload[${title}]:",
" Bad parameter ensure, \"${ensure}\"")
}
}
}
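Review bot: `$name` is interpolated unescaped and unvalidated into `$modload_re` via `%s`, and into the `$ModLoad` line. A title containing regex metacharacters or whitespace would therefore make `sufficient`/`pattern` match or delete lines in `/etc/rsyslog.conf` other than the intended directive. Every caller visible on this page passes a plain module name, so a check at the top of the define is enough: `if $name !~ /^[A-Za-z0-9_-]+$/ { fail("Syslog::Modload[${title}]: Bad module name") }`.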
class syslog::service
{
package {
'rsyslog':
ensure => installed,
notify => Service['rsyslog'];
}
syslog::modload {
'imuxsock': ensure => present;
}
if $::initsystem == 'systemd' {
# Rsyslog should get kernel messages from journald instead of
# reading the kernel socket itself.
syslog::modload {
'imklog': ensure => absent;
'imjournal': ensure => present;
}
} else {
# But on non-systemd systems, it is of course the reverse.
syslog::modload {
'imklog': ensure => present;
'imjournal': ensure => absent;
}
}
service {
'rsyslog':
ensure => $::running, enable => true,
hasstatus => true, hasrestart => true;
}
}
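Review bot: The `syslog::modload` resources in this class edit `/etc/rsyslog.conf` in place, and `syslog::central_server` includes this class while also managing the same file from a template, so on the log server two resources may rewrite one file. If the rendered template does not already hold the `$ModLoad` lines in a form that `ensure_line` and `delete_lines` accept (neither is visible here), each run could change the file twice and restart rsyslog, and UDP messages arriving during a restart may be lost. A class comment stating that the server template must carry matching `$ModLoad imuxsock` and `imklog`/`imjournal` lines would record that dependency. `ensure => $::running` also relies on a top-scope variable that is not defined on this page; a comment should say where it is set and what value it holds.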
class syslog::vars
{
include nscnets
# We also take care of logs from NDGF.
$allowed_clients = [ $nscnets::all_public, $nscnets::network_management,
'bobo.ndgf.org' ]
}
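Review bot: `$allowed_clients` mixes network variables with the hostname `'bobo.ndgf.org'`, and the list is used as `saddr` of the `syslog-input` ACCEPT rule, so which host gets through on port 514 depends on what DNS returns when the rule is built. How the `iptables` type resolves names is not visible here. Pinning the address, or at least adding a comment such as `# hostname is resolved when the rule is generated; re-check after renumbering`, would make that dependency explicit.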