Syslog forwarding WIP.

441bb173 · nimrod · 8fd46066 · 441bb173 · 441bb173 · 441bb173
Commit 441bb173 authored 9 years ago by nimrod
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -3,3 +3,13 @@

 - name: Update CA store
  command: /usr/sbin/update-ca-certificates
+
+- name: Restart rsyslog
+  service:
+    name: rsyslog
+    state: restarted
+
+- name: Restart syslogd
+  service:
+    name: syslogd
+    state: restarted
--- a/tasks/syslog_forward.yml
+++ b/tasks/syslog_forward.yml
@@ -3,7 +3,28 @@
 - name: apt install rsyslog
  when: ansible_os_family == 'Debian'
  apt:
-    name: rsyslog
+    name: rsyslog-gnutls
    state: present
    update_cache: yes
    cache_valid_time: 3600
+
+- name: Configure rsyslog forwarding
+  when: ansible_os_family == 'Debian'
+  template:
+    src: forwarding.conf.j2
+    dest: /etc/rsyslog.d/forwarding.conf.j2
+    owner: root
+    group: root
+    mode: '0644'
+  notify:
+  - Restart rsyslog
+
+- name: Configure syslogd forwarding
+  when: ansible_os_family == 'OpenBSD'
+  lineinfile:
+    dest: /etc/syslog.conf
+    line: '*.* @tls://{{ syslog_server}}'
+    regexp: '^*.* @'
+    state: present
+  notify:
+  - Restart syslogd
--- a/templates/forwarding.conf.j2
+++ b/templates/forwarding.conf.j2
+$DefaultNetstreamDriver gtls
+$DefaultNetstreamDriverCAFile {{ tls_ca_cert_path }}
+$DefaultNetstreamDriverCertFile {{ tls_cert_path }}
+$DefaultNetstreamDriverKeyFile {{ tls_key_path }}
+
+$ActionSendStreamDriverAuthMode x509/name
+$ActionSendStreamDriverPermittedPeer {{ syslog_server }}
+$ActionSendStreamDriverMode 1
+*.* @@{{ syslog_server }}