Diffstat (limited to 'roles/rsyslog_client')
-rw-r--r--roles/rsyslog_client/defaults/main.yml7
-rw-r--r--roles/rsyslog_client/handlers/main.yml4
-rw-r--r--roles/rsyslog_client/tasks/main.yml27
-rw-r--r--roles/rsyslog_client/templates/etc/rsyslog.conf.j261
-rw-r--r--roles/rsyslog_client/vars/main.yml8
5 files changed, 107 insertions, 0 deletions
diff --git a/roles/rsyslog_client/defaults/main.yml b/roles/rsyslog_client/defaults/main.yml
new file mode 100644
index 0000000..9ba00aa
--- /dev/null
+++ b/roles/rsyslog_client/defaults/main.yml
@@ -0,0 +1,7 @@
+rsyslog_target: '{{ syslog_host }}'
+rsyslog_forward: yes
+rsyslog_queue_max_disk_space: 250m
+rsyslog_queue_size: 10000
+rsyslog_relp_port: 20514
+rsyslog_relp_tls_port: 10514
+rsyslog_tls: yes
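Review bot: Nothing here documents what turning `rsyslog_tls` off means: the template's `{% else %}` branch then forwards everything matching `*.info` (authpriv included) to `rsyslog_relp_port` over RELP with no TLS and no peer name check. A comment above the variable would make that explicit, for example `# on: RELP over TLS with server name check on rsyslog_relp_tls_port; off: cleartext RELP on rsyslog_relp_port`. Both booleans are also written as `yes`; `true` is the canonical spelling and avoids YAML 1.1/1.2 differences, and the same applies to `enabled: yes` in tasks/main.yml.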
diff --git a/roles/rsyslog_client/handlers/main.yml b/roles/rsyslog_client/handlers/main.yml
new file mode 100644
index 0000000..35e1f2d
--- /dev/null
+++ b/roles/rsyslog_client/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: restart rsyslog
+ systemd:
+ name: rsyslog
+ state: restarted
diff --git a/roles/rsyslog_client/tasks/main.yml b/roles/rsyslog_client/tasks/main.yml
new file mode 100644
index 0000000..c610d6d
--- /dev/null
+++ b/roles/rsyslog_client/tasks/main.yml
@@ -0,0 +1,27 @@
+- name: install rsyslog
+ dnf:
+ name: '{{ rsyslog_packages }}'
+ state: present
+
+- name: request TLS certificate
+ include_role:
+ name: getcert_request
+ vars:
+ certificate_sans: ['{{ ansible_fqdn }}']
+ certificate_service: syslog
+ certificate_path: '{{ rsyslog_certificate_path }}'
+ certificate_key_path: '{{ rsyslog_certificate_key_path }}'
+ certificate_hook: systemctl restart rsyslog
+ when: rsyslog_tls
+
+- name: generate rsyslog configuration
+ template:
+ src: etc/rsyslog.conf.j2
+ dest: /etc/rsyslog.conf
+ notify: restart rsyslog
+
+- name: enable rsyslog
+ systemd:
+ name: rsyslog
+ enabled: yes
+ state: started
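Review bot: The `generate rsyslog configuration` task writes /etc/rsyslog.conf without `owner`, `group`, `mode` or `validate`, so a rendering mistake only surfaces when the handler restarts rsyslog, which may leave the host with neither local logging nor forwarding. Adding `validate: rsyslogd -N1 -f %s` and an explicit `mode: '0644'` (with `owner: root`, `group: root`) lets the play fail before the file is replaced. Whether the config check needs the certificate files to be present is not visible from this hunk, so it is worth testing on a host where `rsyslog_tls` is enabled.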
diff --git a/roles/rsyslog_client/templates/etc/rsyslog.conf.j2 b/roles/rsyslog_client/templates/etc/rsyslog.conf.j2
new file mode 100644
index 0000000..83dc799
--- /dev/null
+++ b/roles/rsyslog_client/templates/etc/rsyslog.conf.j2
@@ -0,0 +1,61 @@
+module(load="imklog")
+module(load="imuxsock" SysSock.name="/run/systemd/journal/syslog")
+module(load="imfile")
+module(load="omrelp" tls.tlslib="openssl")
+
+global(
+ workDirectory="/var/lib/rsyslog"
+ parser.escapecontrolcharactertab="off"
+)
+
+module(
+ load="builtin:omfile"
+ template="RSYSLOG_TraditionalFileFormat"
+ fileOwner="root"
+ fileGroup="root"
+ fileCreateMode="0600"
+ dirCreateMode="0700"
+)
+
+include(file="/etc/rsyslog.d/*.conf" mode="optional")
+
+# if message didn't come from imfile, process as normal.
+if ($!metadata!filename == '') then {
+ # EL defaults
+ *.info;mail.none;authpriv.none;cron.none /var/log/messages
+ authpriv.* /var/log/secure
+ mail.* -/var/log/maillog
+ cron.* /var/log/cron
+ *.emerg :omusrmsg:*
+ uucp,news.crit /var/log/spooler
+ local7.* /var/log/boot.log
+}
+
+{% if rsyslog_forward %}
+# forward to syslog server
+if prifilt("*.info") then {
+ action(type="omrelp"
+ template="RSYSLOG_ForwardFormat"
+ target="{{ rsyslog_target }}"
+ {% if rsyslog_tls %}
+ port="{{ rsyslog_relp_tls_port }}"
+ tls="on"
+ tls.caCert="{{ rsyslog_certificate_ca_path }}"
+ tls.myCert="{{ rsyslog_certificate_path }}"
+ tls.myPrivKey="{{ rsyslog_certificate_key_path }}"
+ tls.authMode="name"
+ tls.permittedPeer="{{ rsyslog_target }}"
+ {% else %}
+ port="{{ rsyslog_relp_port }}"
+ {% endif %}
+ queue.type="LinkedList"
+ queue.size="{{ rsyslog_queue_size }}"
+ queue.filename="q_forward"
+ queue.saveOnShutdown="on"
+ queue.maxDiskSpace="{{ rsyslog_queue_max_disk_space }}"
+ action.resumeRetryCount="-1"
+ action.resumeInterval="10"
+ action.reportSuspension="on"
+ action.reportSuspensionContinuation="on")
+}
+{% endif %}
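Review bot: `tls.permittedPeer` reuses `rsyslog_target`, so that value has to be exactly a name in the server's certificate; an IP address or an alias as target would connect but fail the `tls.authMode="name"` check. With `action.resumeRetryCount="-1"` the action then retries indefinitely and the queue grows until `queue.maxDiskSpace` is reached, which is presumably when messages start being discarded. A comment next to the TLS block such as `# rsyslog_target must match a name in the server certificate (also used as tls.permittedPeer)` would document the constraint. `action.reportSuspension="on"` already produces a local message that is worth alerting on.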
diff --git a/roles/rsyslog_client/vars/main.yml b/roles/rsyslog_client/vars/main.yml
new file mode 100644
index 0000000..d36a841
--- /dev/null
+++ b/roles/rsyslog_client/vars/main.yml
@@ -0,0 +1,8 @@
+rsyslog_packages:
+ - rsyslog
+ - rsyslog-relp
+ - rsyslog-openssl
+
+rsyslog_certificate_path: /etc/pki/rsyslog/syslog.pem
+rsyslog_certificate_key_path: /etc/pki/rsyslog/syslog.key
+rsyslog_certificate_ca_path: /etc/ipa/ca.crt
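Review bot: Nothing visible in this role sets ownership or mode on `rsyslog_certificate_key_path` or creates /etc/pki/rsyslog; that is presumably left to the `getcert_request` role, which is outside this diff. It is worth confirming the key ends up readable only by root and saying so here, e.g. `# key and directory are created by getcert_request; key must be root-only`. These paths also sit in vars/ rather than defaults/, so inventory variables cannot override them.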