COOK-28, add rsyslog cookbook

e21ddfd5 · jtimberman · e21ddfd5 · e21ddfd5 · e21ddfd5 · e21ddfd5
Commit e21ddfd5 authored Apr 06, 2009 by jtimberman
9 changed files
--- a/README.rdoc
+++ b/README.rdoc
+= DESCRIPTION:
+
+Installs rsyslog to replace sysklogd for client and/or server use. By default, server will be set up to log to files.
+
+= REQUIREMENTS:
+
+== Platform:
+
+Tested on Ubuntu 8.10.
+
+== Cookbooks:
+
+= ATTRIBUTES: 
+
+* rsyslog[:log_dir] - specify the directory to store logs (applicable to server only)
+* rsyslog[:server] - specify the remote rsyslog server.
+
+= USAGE:
+
+To replace the sysklogd syslog service with rsyslog:
+
+  include_recipe "rsyslog"
+  
+To set up a client with a remote [r]syslog server:
+
+  include_recipe "rsyslog::client"
+  
+Note, the remote server must support syslog on TCP, so set up a server with:
+
+  include_recipe "rsyslog::server"
+
+= LICENSE and AUTHOR:
+      
+Author:: Joshua Timberman (<joshua@opscode.com>)
+
+Copyright:: 2009, Opscode, Inc
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
--- a/attributes/rsyslog.rb
+++ b/attributes/rsyslog.rb
+#
+# Cookbook Name:: rsyslog
+# Attributes:: rsyslog
+#
+# Copyright 2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+rsyslog Mash.new unless attribute?("rsyslog")
+
+rsyslog[:log_dir] = "/srv/rsyslog" unless rsyslog.has_key?(:log_dir)
+rsyslog[:server] = false           unless rsyslog.has_key?(:server)
--- a/files/default/rsyslog.default
+++ b/files/default/rsyslog.default
+# Generated by Chef
+#
+# Use v3 native mode, rather than compatibility mode by specifying -c3
+# here. Compatibility mode for older versions is not recommended as 
+# custom configuration may get messy. 
+# 
+# See rsyslogd(8) for more details
+
+RSYSLOGD_OPTIONS="-c3"
--- a/recipes/client.rb
+++ b/recipes/client.rb
+#
+# Cookbook Name:: rsyslog
+# Recipe:: client
+#
+# Copyright 2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "rsyslog"
+
+rsyslog_server = node[:rsyslog][:server] ? node[:rsyslog][:server] : search(:node, "recipe:rsyslog::server").first["fqdn"]
+
+template "/etc/rsyslog.d/remote.conf" do
+  source "remote.conf.erb"
+  variables :server => rsyslog_server
+  owner "root"
+  group "root"
+  mode 0644
+  notifies :restart, resources(:service => "rsyslog"), :delayed
+end
--- a/recipes/default.rb
+++ b/recipes/default.rb
+#
+# Cookbook Name:: rsyslog
+# Recipe:: default
+#
+# Copyright 2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+package "rsyslog" do
+  action :install
+end
+
+service "rsyslog" do
+  supports :restart => true, :reload => true
+  action [:enable, :start]
+end
+
+remote_file "/etc/default/rsyslog" do
+  source "rsyslog.default"
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+directory "/etc/rsyslog.d" do
+  owner "root"
+  group "root"
+  mode 0755
+end
+
+template "/etc/rsyslog.conf" do
+  source "rsyslog.conf.erb"
+  owner "root"
+  group "root"
+  mode 0644
+  notifies :restart, resources(:service => "rsyslog"), :delayed
+end
--- a/recipes/server.rb
+++ b/recipes/server.rb
+#
+# Cookbook Name:: rsyslog
+# Recipe:: server
+#
+# Copyright 2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "rsyslog"
+
+directory "/srv/rsyslog" do
+  owner "root"
+  group "root"
+  mode 0755
+end
+
+template "/etc/rsyslog.d/server.conf" do
+  source "server.conf.erb"
+  variables :log_dir => node[:rsyslog][:log_dir]
+  owner "root"
+  group "root"
+  mode 0755
+  notifies :restart, resources(:service => "rsyslog"), :delayed
+end
+
+cron "rsyslog_gz" do
+  minute "0"
+  hour "4"
+  command "find #{node[:rsyslog][:log_dir]}/`date +%Y` -type f -mtime +1 -exec gzip {} \;"
+end
--- a/templates/default/remote.conf.erb
+++ b/templates/default/remote.conf.erb
+*.* @@<%= @server -%>
--- a/templates/default/rsyslog.conf.erb
+++ b/templates/default/rsyslog.conf.erb
+#  /etc/rsyslog.conf	Configuration file for rsyslog v3.
+#
+#			For more information see 
+#			/usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
+
+
+#################
+#### MODULES ####
+#################
+
+$ModLoad imuxsock # provides support for local system logging
+$ModLoad imklog   # provides kernel logging support (previously done by rklogd) 
+#$ModLoad immark  # provides --MARK-- message capability
+
+# provides UDP syslog reception
+#$ModLoad imudp
+#$UDPServerRun 514
+
+# provides TCP syslog reception
+#$ModLoad imtcp
+#$InputTCPServerRun 514
+
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+#
+# Use default timestamp format.
+# To enable high precision timestamps, comment out the following line.
+#
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup adm
+$FileCreateMode 0640
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+$IncludeConfig /etc/rsyslog.d/*.conf
+
+
+###############
+#### RULES ####
+###############
+
+#
+# First some standard log files.  Log by facility.
+#
+auth,authpriv.*			/var/log/auth.log
+*.*;auth,authpriv.none		-/var/log/syslog
+#cron.*				/var/log/cron.log
+daemon.*			-/var/log/daemon.log
+kern.*				-/var/log/kern.log
+lpr.*				-/var/log/lpr.log
+mail.*				-/var/log/mail.log
+user.*				-/var/log/user.log
+
+#
+# Logging for the mail system.  Split it up so that
+# it is easy to write scripts to parse these files.
+#
+mail.info			-/var/log/mail.info
+mail.warn			-/var/log/mail.warn
+mail.err			/var/log/mail.err
+
+#
+# Logging for INN news system.
+#
+news.crit			/var/log/news/news.crit
+news.err			/var/log/news/news.err
+news.notice			-/var/log/news/news.notice
+
+#
+# Some "catch-all" log files.
+#
+*.=debug;\
+	auth,authpriv.none;\
+	news.none;mail.none	-/var/log/debug
+*.=info;*.=notice;*.=warn;\
+	auth,authpriv.none;\
+	cron,daemon.none;\
+	mail,news.none		-/var/log/messages
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg				*
+
+#
+# I like to have messages displayed on the console, but only on a virtual
+# console I usually leave idle.
+#
+#daemon,mail.*;\
+#	news.=crit;news.=err;news.=notice;\
+#	*.=debug;*.=info;\
+#	*.=notice;*.=warn	/dev/tty8
+
+# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
+# you must invoke `xconsole' with the `-file' option:
+# 
+#    $ xconsole -file /dev/xconsole [...]
+#
+# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
+#      busy site..
+#
+daemon.*;mail.*;\
+	news.err;\
+	*.=debug;*.=info;\
+	*.=notice;*.=warn	|/dev/xconsole
+
--- a/templates/default/server.conf.erb
+++ b/templates/default/server.conf.erb
+$ModLoad imtcp
+$InputTCPServerRun 514
+
+$DirGroup root
+$DirCreateMode 0755
+$FileGroup root
+
+$template PerHostAuth,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/auth.log"
+$template PerHostCron,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/cron.log"
+$template PerHostSyslog,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/syslog"
+$template PerHostDaemon,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/daemon.log"
+$template PerHostKern,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/kern.log"
+$template PerHostLpr,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/lpr.log"
+$template PerHostUser,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/user.log"
+$template PerHostMail,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/mail.log"
+$template PerHostMailInfo,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/mail.info"
+$template PerHostMailWarn,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/mail.warn"
+$template PerHostMailErr,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/mail.err"
+$template PerHostNewsCrit,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/news.crit"
+$template PerHostNewsErr,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/news.err"
+$template PerHostNewsNotice,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/news.notice"
+$template PerHostDebug,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/debug"
+$template PerHostMessages,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/messages"
+
+auth,authpriv.*         ?PerHostAuth
+*.*;auth,authpriv.none  -?PerHostSyslog
+cron.*                  ?PerHostCron
+daemon.*                -?PerHostDaemon
+kern.*                  -?PerHostKern
+lpr.*                   -?PerHostLpr
+mail.*                  -?PerHostMail
+user.*                  -?PerHostUser
+
+mail.info               -?PerHostMailInfo
+mail.warn               ?PerHostMailWarn
+mail.err                ?PerHostMailErr
+
+news.crit               ?PerHostNewsCrit
+news.err                ?PerHostNewsErr
+news.notice             -?PerHostNewsNotice
+
+*.=debug;\
+  auth,authpriv.none;\
+  news.none;mail.none   -?PerHostDebug
+
+*.=info;*.=notice;*.=warn;\
+  auth,authpriv.none;\
+  cron,daemon.none;\
+  mail,news.none        -?PerHostMessages
+