Commit 69143d3d authored by Jennifer Davis's avatar Jennifer Davis
Browse files

resolving merge conflicts

parent 6e05ccdf
rvm: 2.2
sudo: required
dist: trusty
......@@ -11,6 +9,10 @@ addons:
- chefdk
- master
services: docker
......@@ -40,11 +42,12 @@ before_script:
- sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER )
- eval "$(/opt/chefdk/bin/chef shell-init bash)"
- /opt/chefdk/embedded/bin/chef gem install kitchen-docker
- /opt/chefdk/embedded/bin/chef gem install kitchen-dokken
- /opt/chefdk/embedded/bin/chef --version
- /opt/chefdk/embedded/bin/rubocop --version
- /opt/chefdk/embedded/bin/rubocop
- /opt/chefdk/embedded/bin/cookstyle --version
- /opt/chefdk/embedded/bin/cookstyle
- /opt/chefdk/embedded/bin/foodcritic --version
- /opt/chefdk/embedded/bin/foodcritic . --exclude spec -f any
- /opt/chefdk/embedded/bin/rspec
# rsyslog Cookbook CHANGELOG
This file is used to list changes made in each version of the rsyslog cookbook.
## v.4.0.1 (UNRELEASED)
- PR #76 Validate the config file using `rsyslogd -N 1` via eherot
- PR #105 Use correct file name for remote.conf via mfenner
- PR #105 Add $LocalHostName directive via mfenner
- PR #105 Change directive `:fromhost-ip,!isequal,""` from using ~ to stop via mfenner
- PR #110 Add support for permitted peer via dastergon
- Add SUSE support
- Clean up travis configuration
## v.4.0.0 (2015-12-09)
- Removed support for Chef Solo. Since this cookbook now supports Chef 12+ only it makes far more sense to use Chef Zero (local mode) if a Chef server is not available.
- Removed yum from the Berksfile as it wasn't being used
......@@ -9,6 +9,7 @@ Installs and configures rsyslog to replace sysklogd for client and/or server use
- RHEL/CentOS/Scientific/Amazon/Oracle
- Fedora 21+
- OmniOS r151006c
- OpenSUSE
### Chef
- Chef 12+
......@@ -55,10 +56,12 @@ See `attributes/default.rb` for default values.
- `node['rsyslog']['tls_certificate_file']` - Path to TLS certificate file. Required for server, optional for clients.
- `node['rsyslog']['tls_key_file']` - Path to TLS key file. Required for server, optional for clients.
- `node['rsyslog']['tls_auth_mode']` - Value for `$InputTCPServerStreamDriverAuthMode`/`$ActionSendStreamDriverAuthMode`, determines whether client certs are validated. Defaults to `anon` (no validation).
- `node['rsyslog']['tls_permitted_peer']` - Value for `ActionSendStreamDriverPermittedPeer`, it narrows the list of the allowed hosts. Works with TLS only. Defaults to `nil`.
- `node['rsyslog']['use_local_ipv4']` - Whether or not to make use the remote local IPv4 address on cloud systems when searching for servers (where available). Default is 'false'.
- `node['rsyslog']['allow_non_local']` - Whether or not to allow non-local messages. If 'false', incoming messages are only allowed from Default is 'false'.
- `node['rsyslog']['custom_remote']` - Array of hashes for configuring custom remote server targets
- `node['rsyslog']['additional_directives']` - Hash of additional directives and their values to place in the main rsyslog config file
- `node['rsyslog']['local_host_name']` - permits to overwrite the system hostname with the one specified in the directive
## Recipes
### default
......@@ -97,7 +100,7 @@ Any previous logs are not cleaned up from the `log_dir`.
### server
Configures the node to be a rsyslog server. The chosen rsyslog server node should be defined in the `server_ip` attribute or resolvable by the specified search criteria specified in `node['rsyslog']['server_search]` (so that nodes making use of the `client` recipe can find the server to log to).
This recipe will create the logs in `node['rsyslog']['log_dir']`, and the configuration is in `/etc/rsyslog.d/server.conf`. This recipe also removes any previous configuration to a remote server by removing the `/etc/rsyslog.d/49-remote.conf` file.
The `server` recipe will create the logs in attribute `node['rsyslog']['log_dir']`, and the configuration in `/etc/rsyslog.d/server.conf`. This recipe also removes any previous configuration to a remote server by removing the file `/etc/rsyslog.d/49-remote.conf`.
The cron job used in the previous version of this cookbook is removed, but it does not remove any existing cron job from your system (so it doesn't break anything unexpectedly). We recommend setting up logrotate for the logfiles instead.
......@@ -48,6 +48,7 @@ default['rsyslog']['tls_ca_file'] = nil
default['rsyslog']['tls_certificate_file'] = nil
default['rsyslog']['tls_key_file'] = nil
default['rsyslog']['tls_auth_mode'] = 'anon'
default['rsyslog']['tls_permitted_peer'] = nil
default['rsyslog']['use_local_ipv4'] = false
default['rsyslog']['allow_non_local'] = false
default['rsyslog']['custom_remote'] = [{}]
......@@ -4,7 +4,7 @@ maintainer_email ''
license 'Apache 2.0'
description 'Installs and configures rsyslog'
long_description, ''))
version '4.0.4'
version '4.0.0'
recipe 'rsyslog', 'Installs rsyslog'
recipe 'rsyslog::client', 'Sets up a client to log to a remote rsyslog server'
......@@ -16,6 +16,9 @@ $DefaultNetstreamDriverKeyFile <%= node['rsyslog']['tls_key_file'] %>
$DefaultNetstreamDriver gtls
$ActionSendStreamDriverMode 1
$ActionSendStreamDriverAuthMode <%= node['rsyslog']['tls_auth_mode'] %>
<% if node['rsyslog']['tls_permitted_peer'] -%>
$ActionSendStreamDriverPermittedPeer <%= node['rsyslog']['tls_permitted_peer'] %>
<% end -%>
<% end -%>
<% @servers.each do |server| -%>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment