from-scratch 0.3.0 → 0.5.0

data/cookbooks/rsyslog/README.md

@@ -0,0 +1,276 @@
+rsyslog Cookbook
+================
+[![Build Status](https://travis-ci.org/chef-cookbooks/rsyslog.svg?branch=master)](http://travis-ci.org/chef-cookbooks/rsyslog)
+[![Cookbook Version](https://img.shields.io/cookbook/v/rsyslog.svg)](https://supermarket.chef.io/cookbooks/rsyslog)
+
+Installs and configures rsyslog to replace sysklogd for client and/or server use. By default, the service will be configured to log to files on local disk. See the Recipes and Examples sections for other uses.
+
+
+Requirements
+------------
+#### Platforms
+- Debian/Ubuntu
+- RHEL/CentOS/Scientific/Amazon/Oracle
+- Fedora 20+
+- OmniOS r151006c
+
+#### Chef
+- Chef 11+
+
+#### Cookbooks
+- none
+
+#### Other
+To use the `recipe[rsyslog::client]` recipe, you'll need to set up the `rsyslog.server_search` or `rsyslog.server_ip` attributes.  See the __Recipes__ and __Examples__ sections below.
+
+
+Attributes
+----------
+See `attributes/default.rb` for default values.
+
+* `node['rsyslog']['log_dir']` - If the node is an rsyslog server, this specifies the directory where the logs should be stored.
+* `node['rsyslog']['working_dir']` - The temporary working directory where messages are buffered
+* `node['rsyslog']['server']` - Determined automatically and set to true on the server.
+* `node['rsyslog']['server_ip']` - If not defined then search will be used to determine rsyslog server. Default is `nil`.  This can be a string or an array.
+* `node['rsyslog']['server_search']` - Specify the criteria for the server search operation. Default is `role:loghost`.
+* `node['rsyslog']['protocol']` - Specify whether to use `udp` or `tcp` for remote loghost. Default is `tcp`. To use both specify both in a string e.g. 'udptcp'.
+* `node['rsyslog']['bind']` - Specify the address to which the server should be listening; only use with `node['rsyslog']['protocol'] = 'udp'` because the feature does not work with the `tcp` protocol ([more info](http://www.rsyslog.com/doc/master/configuration/modules/imtcp.html#caveats-known-bugs)).
+* `node['rsyslog']['port']` - Specify the port which rsyslog should connect to a remote loghost.
+* `node['rsyslog']['remote_logs']` - Specify whether to send all logs to a remote server (client option). Default is `true`.
+* `node['rsyslog']['per_host_dir']` - "PerHost" directories for template statements in `35-server-per-host.conf`. Default value is the previous cookbook version's value, to preserve compatibility. See __server__ recipe below.
+* `node['rsyslog']['priv_seperation']` - Whether to use privilege separation or not.
+* `node['rsyslog']['priv_user']` - User to run as when using privilege separation. Defult is  `node['rsyslog']['user']`
+* `node['rsyslog']['priv_group']` - Group to run as when using privilege separation. Defult is  `node['rsyslog']['group']`
+* `node['rsyslog']['max_message_size']` - Specify the maximum allowed message size. Default is 2k.
+* `node['rsyslog']['user']` - Who should own the configuration files and directories
+* `node['rsyslog']['group']` - Who should group-own the configuration files and directories
+* `node['rsyslog']['defaults_file']` - The full path to the defaults/sysconfig file for the service.
+* `node['rsyslog']['service_name']` - The platform-specific name of the service
+* `node['rsyslog']['preserve_fqdn']` - Value of the `$PreserveFQDN` configuration directive in `/etc/rsyslog.conf`. Default is 'off' for compatibility purposes.
+* `node['rsyslog']['high_precision_timestamps']` -  Enable high precision timestamps, instead of the "old style" format.  Default is 'false'.
+* `node['rsyslog']['repeated_msg_reduction']` -  Value of `$RepeatedMsgReduction` configuration directive in `/etc/rsyslog.conf`. Default is 'on'
+* `node['rsyslog']['logs_to_forward']` -  Specifies what logs should be sent to the remote rsyslog server. Default is all ( \*.\* ).
+* `node['rsyslog']['default_log_dir']` - log directory used in `50-default.conf` template, defaults to `/var/log`
+* `node['rsyslog']['default_facility_logs']` - Hash containing log facilities and destinations used in `50-default.conf` template.
+* `node['rsyslog']['default_file_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for local log files.
+* `node['rsyslog']['default_remote_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for sending to remote servers.
+* `node['rsyslog']['rate_limit_interval']` - Value of the $SystemLogRateLimitInterval configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.
+* `node['rsyslog']['rate_limit_burst']` - Value of the $SystemLogRateLimitBurst configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.
+* `node['rsyslog']['action_queue_max_disk_space']` - Max amount of disk space the disk-assisted queue is allowed to use ([more info](http://www.rsyslog.com/doc/queues.html)).
+* `node['rsyslog']['enable_tls']` - Whether or not to enable TLS encryption.  When enabled, forces protocol to `tcp`. Default is `false`.
+* `node['rsyslog']['tls_ca_file']` - Path to TLS CA file. Required for both server and clients.
+* `node['rsyslog']['tls_certificate_file']` - Path to TLS certificate file. Required for server, optional for clients.
+* `node['rsyslog']['tls_key_file']` - Path to TLS key file. Required for server, optional for clients.
+* `node['rsyslog']['tls_auth_mode']` - Value for `$InputTCPServerStreamDriverAuthMode`/`$ActionSendStreamDriverAuthMode`, determines whether client certs are validated. Defaults to `anon` (no validation).
+* `node['rsyslog']['use_local_ipv4']` - Whether or not to make use the remote local IPv4 address on cloud systems when searching for servers (where available).  Default is 'false'.
+* `node['rsyslog']['allow_non_local']` - Whether or not to allow non-local messages. If 'false', incoming messages are only allowed from 127.0.0.1. Default is 'false'.
+* `node['rsyslog']['custom_remote']` - Array of hashes for configuring custom remote server targets
+* `node['rsyslog']['additional_directives']` - Hash of additional directives and their values to place in the main rsyslog config file
+
+Recipes
+-------
+### default
+Installs the rsyslog package, manages the rsyslog service and sets up basic configuration for a standalone machine.
+
+### client
+Includes `recipe[rsyslog]`.
+
+Uses `node['rsyslog']['server_ip']` or Chef search (in that precedence order) to determine the remote syslog server's IP address. If search is used, the search query will look for the first `ipaddress` returned from the criteria specified in `node['rsyslog']['server_search']`.
+
+You can use `node['rsyslog']['custom_config']` to define custom entries for sending logs to remote servers.
+Available attributes:
+```
+    'server': Ip/hostname of remote syslog server (Required)
+    'port': Port to send logs to
+    'logs': Syslog log facilities to send (auth, authpriv, daemon, etc)
+    'protocol': Can be tcp or udp
+    'remote_template': Rsyslog template used for the messages
+```
+
+Example:
+
+```ruby
+node['rsyslog']['custom_remote'] = [{ 'server' => '10.10.4.4', 'port' => '567', 'logs' => 'auth.*,mail.*', 'protocol' => 'udp', 'remote_template' => 'RSYSLOG_SyslogProtocol23Format'},
+                                    { 'server' => '10.0.0.3', 'port' => '555', 'logs' => 'authpriv,daemon.*' } ]
+```
+
+The server key is required; if other keys are left out, the default global values will be used (eg `node['rsyslog']['port']` will be used if 'port' is omitted)
+
+
+If the node itself is a rsyslog server ie it has `rsyslog.server` set to true then the configuration is skipped.
+
+If the node had an `/etc/rsyslog.d/35-server-per-host.conf` file previously configured, this file gets removed to prevent duplicate logging.
+
+Any previous logs are not cleaned up from the `log_dir`.
+
+### server
+Configures the node to be a rsyslog server. The chosen rsyslog server node should be defined in the `server_ip` attribute or resolvable by the specified search criteria specified in `node['rsyslog']['server_search]` (so that nodes making use of the `client` recipe can find the server to log to).
+
+This recipe will create the logs in `node['rsyslog']['log_dir']`, and the configuration is in `/etc/rsyslog.d/server.conf`. This recipe also removes any previous configuration to a remote server by removing the `/etc/rsyslog.d/remote.conf` file.
+
+The cron job used in the previous version of this cookbook is removed, but it does not remove any existing cron job from your system (so it doesn't break anything unexpectedly). We recommend setting up logrotate for the logfiles instead.
+
+The `log_dir` will be concatenated with `per_host_dir` to store the logs for each client. Modify the attribute to have a value that is allowed by rsyslogs template matching values, see the rsyslog documentation for this.
+
+Directory structure:
+
+```erb
+<%= @log_dir %>/<%= @per_host_dir %>/"logfile"
+```
+
+For example for the system with hostname `www`:
+
+```text
+/srv/rsyslog/2011/11/19/www/messages
+```
+
+For example, to change this to just the hostname, set the attribute `node['rsyslog']['per_host_dir']` via a role:
+
+```ruby
+"rsyslog" => { "per_host_dir" => "%HOSTNAME%" }
+```
+
+At this time, the server can only listen on UDP *or* TCP.
+
+Resources
+=========
+
+file_input
+----------
+
+Configures a [text file input
+monitor](http://www.rsyslog.com/doc/imfile.html) to push a log file into
+rsyslog.
+
+Attributes:
+* `name`: name of the resource, also used for the syslog tag. Required.
+* `file`: file path for input file to monitor. Required.
+* `priority`: config order priority. Defaults to `99`.
+* `severity`: syslog severity. Must be one of `emergency`, `alert`,
+`critical`, `error`, `warning`, `notice`, `info` or `debug`. If
+undefined, rsyslog interprets this as `notice`.
+* `facility`: syslog facility. Must be one of `auth`, `authpriv`,
+`daemon`, `cron`, `ftp`, `lpr`, `kern`, `mail`, `news`, `syslog`,
+`user`, `uucp`, `local0`, ... , `local7`. If undefined, rsyslog
+interprets this as `local0`.
+* `cookbook`: cookbook containing the template. Defaults to `rsyslog`.
+* `source`: template file source. Defaults to `file-input.conf.erb`
+
+
+Usage
+=====
+Use `recipe[rsyslog]` to install and start rsyslog as a basic configured service for standalone systems.
+
+Use `recipe[rsyslog::client]` to have nodes log to a remote server (which is found via the `server_ip` attribute or by the recipe's search call -- see __client__)
+
+Use `recipe[rsyslog::server]` to set up a rsyslog server. It will listen on `node['rsyslog']['port']` protocol `node['rsyslog']['protocol']`.
+
+If you set up a different kind of centralized loghost (syslog-ng, graylog2, logstash, etc), you can still send log messages to it as long as the port and protocol match up with the server software. See __Examples__
+
+Use `rsyslog_file_input` within your recipes to forward log files to
+your remote syslog server.
+
+
+### Examples
+A `base` role (e.g., roles/base.rb), applied to all nodes so they are syslog clients:
+
+```ruby
+name "base"
+description "Base role applied to all nodes
+run_list("recipe[rsyslog::client]")
+```
+
+Then, a role for the loghost (should only be one):
+
+```ruby
+name "loghost"
+description "Central syslog server"
+run_list("recipe[rsyslog::server]")
+```
+
+By default this will set up the clients search for a node with the `loghost` role to talk to the server on TCP port 514. Change the `protocol` and `port` rsyslog attributes to modify this.
+
+If you want to specify another syslog compatible server with a role other than loghost, simply fill free to use the `server_ip` attribute or the `server_search` attribute.
+
+Example role that sets the per host directory:
+
+```ruby
+name "loghost"
+description "Central syslog server"
+run_list("recipe[rsyslog::server]")
+default_attributes(
+  "rsyslog" => { "per_host_dir" => "%HOSTNAME%" }
+)
+```
+
+Default rsyslog options are rendered for RHEL family platforms, in `/etc/rsyslog.d/50-default.conf`
+with other platforms using a configuration like Debian family defaults.  You can override these
+log facilities and destinations using the `rsyslog['default_facility_logs']` hash.
+
+```ruby
+name "facility_log_example"
+run_list("recipe[rsyslog::default]")
+default_attributes(
+  "rsyslog" => {
+    "default_facility_logs" => {
+      '*.info;mail.none;authpriv.none;cron.none' => "/var/log/messages",
+      'authpriv' => '/var/log/secure',
+      'mail.*' => '-/var/log/maillog',
+      '*.emerg' => '*'
+    }
+  }
+)
+```
+
+Development
+-----------
+This section details "quick development" steps. For a detailed explanation, see [[Contributing.md]].
+
+1. Clone this repository from GitHub:
+
+    $ git clone git@github.com:chef-cookbooks/rsyslog.git
+
+2. Create a git branch
+
+    $ git checkout -b my_bug_fix
+
+3. Install dependencies:
+
+    $ bundle install
+
+4. Make your changes/patches/fixes, committing appropriately
+5. **Write tests**
+6. Run the tests:
+    - bundle exec foodcritic -f any .
+    - bundle exec rspec
+    - bundle exec rubocop
+    - bundle exec kitchen test
+
+  In detail:
+    - Foodcritic will catch any Chef-specific style errors
+    - RSpec will run the unit tests
+    - Rubocop will check for Ruby-specific style errors
+    - Test Kitchen will run and converge the recipes
+
+
+License & Authors
+-----------------
+- Author:: Joshua Timberman (<joshua@chef.io>)
+- Author:: Denis Barishev (<denz@twiket.com>)
+- Author:: Tim Smith (<tsmith84@gmail.com>)
+
+```text
+Copyright:: 2009-2015, Chef Software, Inc
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+```

data/cookbooks/rsyslog/attributes/default.rb

@@ -0,0 +1,131 @@
+#
+# Cookbook Name:: rsyslog
+# Attributes:: default
+#
+# Copyright 2009-2015, Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+default['rsyslog']['default_log_dir']           = '/var/log'
+default['rsyslog']['log_dir']                   = '/srv/rsyslog'
+default['rsyslog']['working_dir']               = '/var/spool/rsyslog'
+default['rsyslog']['server']                    = false
+default['rsyslog']['use_relp']                  = false
+default['rsyslog']['relp_port']                 = 20_514
+default['rsyslog']['protocol']                  = 'tcp'
+default['rsyslog']['bind']                      = '*'
+default['rsyslog']['port']                      = 514
+default['rsyslog']['server_ip']                 = nil
+default['rsyslog']['server_search']             = 'role:loghost'
+default['rsyslog']['remote_logs']               = true
+default['rsyslog']['per_host_dir']              = '%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%'
+default['rsyslog']['max_message_size']          = '2k'
+default['rsyslog']['preserve_fqdn']             = 'off'
+default['rsyslog']['high_precision_timestamps'] = false
+default['rsyslog']['repeated_msg_reduction']    = 'on'
+default['rsyslog']['logs_to_forward']           = '*.*'
+default['rsyslog']['enable_imklog']             = true
+default['rsyslog']['config_prefix']             = '/etc'
+default['rsyslog']['default_file_template']     = nil
+default['rsyslog']['default_remote_template']   = nil
+default['rsyslog']['rate_limit_interval']       = nil
+default['rsyslog']['rate_limit_burst']          = nil
+default['rsyslog']['enable_tls']                = false
+default['rsyslog']['action_queue_max_disk_space'] = '1G'
+default['rsyslog']['tls_ca_file']               = nil
+default['rsyslog']['tls_certificate_file']      = nil
+default['rsyslog']['tls_key_file']              = nil
+default['rsyslog']['tls_auth_mode']             = 'anon'
+default['rsyslog']['use_local_ipv4']            = false
+default['rsyslog']['allow_non_local']           = false
+default['rsyslog']['custom_remote']             = [{}]
+default['rsyslog']['additional_directives'] = {}
+
+# The most likely platform-specific attributes
+default['rsyslog']['service_name']              = 'rsyslog'
+default['rsyslog']['user']                      = 'root'
+default['rsyslog']['group']                     = 'adm'
+default['rsyslog']['priv_seperation']           = false
+default['rsyslog']['priv_user']                 = nil
+default['rsyslog']['priv_group']                = nil
+default['rsyslog']['modules']                   = %w(imuxsock imklog)
+
+# platform family specific attributes
+case node['platform_family']
+when 'rhel', 'fedora'
+  default['rsyslog']['working_dir'] = '/var/lib/rsyslog'
+  # format { facility => destination }
+  default['rsyslog']['default_facility_logs'] = {
+    '*.info;mail.none;authpriv.none;cron.none' => "#{node['rsyslog']['default_log_dir']}/messages",
+    'authpriv.*' => "#{node['rsyslog']['default_log_dir']}/secure",
+    'mail.*' => "-#{node['rsyslog']['default_log_dir']}/maillog",
+    'cron.*' => "#{node['rsyslog']['default_log_dir']}/cron",
+    '*.emerg' => ':omusrmsg:*',
+    'uucp,news.crit' => "#{node['rsyslog']['default_log_dir']}/spooler",
+    'local7.*' => "#{node['rsyslog']['default_log_dir']}/boot.log"
+  }
+  # RHEL >= 7 and Fedora >= 19 use journald in systemd. Amazon Linux doesn't.
+  if node['platform'] != 'amazon' && (node['platform_version'].to_i == 7 || node['platform_version'].to_i >= 19)
+    default['rsyslog']['modules'] = %w(imuxsock imjournal)
+    default['rsyslog']['additional_directives'] = { 'OmitLocalLogging' => 'on', 'IMJournalStateFile' => 'imjournal.state' }
+  end
+else
+  # format { facility => destination }
+  default['rsyslog']['default_facility_logs'] = {
+    'auth,authpriv.*' => "#{node['rsyslog']['default_log_dir']}/auth.log",
+    '*.*;auth,authpriv.none' => "-#{node['rsyslog']['default_log_dir']}/syslog",
+    'daemon.*' => "-#{node['rsyslog']['default_log_dir']}/daemon.log",
+    'kern.*' => "-#{node['rsyslog']['default_log_dir']}/kern.log",
+    'mail.*' => "-#{node['rsyslog']['default_log_dir']}/mail.log",
+    'user.*' => "-#{node['rsyslog']['default_log_dir']}/user.log",
+    'mail.info' => "-#{node['rsyslog']['default_log_dir']}/mail.info",
+    'mail.warn' => "-#{node['rsyslog']['default_log_dir']}/mail.warn",
+    'mail.err' => "#{node['rsyslog']['default_log_dir']}/mail.err",
+    'news.crit' => "#{node['rsyslog']['default_log_dir']}/news/news.crit",
+    'news.err' => "#{node['rsyslog']['default_log_dir']}/news/news.err",
+    'news.notice' => "-#{node['rsyslog']['default_log_dir']}/news/news.notice",
+    '*.=debug;auth,authpriv.none;news.none;mail.none' => "-#{node['rsyslog']['default_log_dir']}/debug",
+    '*.=info;*.=notice;*.=warn;auth,authpriv.none;cron,daemon.none;mail,news.none' => "-#{node['rsyslog']['default_log_dir']}/messages",
+    '*.emerg' => ':omusrmsg:*'
+  }
+end
+
+# rsyslog 3/4 do not support the new :omusrmsg:* format and need * instead
+if (node['platform'] == 'ubuntu' && node['platform_version'].to_i < 12) || (node['platform_family'] == 'rhel' && node['platform_version'].to_i < 6)
+  default['rsyslog']['default_facility_logs']['*.emerg'] = '*'
+end
+
+# platform specific attributes
+case node['platform']
+when 'ubuntu'
+  # syslog user introduced with natty package
+  if node['platform_version'].to_f >= 11.04
+    default['rsyslog']['user'] = 'syslog'
+    default['rsyslog']['group'] = 'adm'
+    default['rsyslog']['priv_seperation'] = true
+    default['rsyslog']['priv_group'] = 'syslog'
+  end
+when 'arch'
+  default['rsyslog']['service_name'] = 'rsyslogd'
+when 'smartos'
+  default['rsyslog']['config_prefix'] = '/opt/local/etc'
+  default['rsyslog']['modules'] = %w(immark imsolaris imtcp imudp)
+  default['rsyslog']['group'] = 'root'
+when 'omnios'
+  default['rsyslog']['service_name'] = 'system/rsyslogd'
+  default['rsyslog']['modules'] = %w(immark imsolaris imtcp imudp)
+  default['rsyslog']['group'] = 'root'
+when 'suse'
+  default['rsyslog']['service_name'] = 'syslog'
+end

data/cookbooks/rsyslog/libraries/helpers.rb

@@ -0,0 +1,25 @@
+module RsyslogCookbook
+  # helpers for the various service providers on Ubuntu systems
+  module Helpers
+    def find_provider
+      if Chef::VersionConstraint.new('>= 15.04').include?(node['platform_version'])
+        service_provider = Chef::Provider::Service::Systemd
+      elsif Chef::VersionConstraint.new('>= 12.04').include?(node['platform_version'])
+        service_provider = Chef::Provider::Service::Upstart
+      else
+        service_provider = nil
+      end
+      service_provider
+    end
+
+    def declare_rsyslog_service
+      service_provider = 'ubuntu' == node['platform'] ? find_provider : nil
+
+      service node['rsyslog']['service_name'] do
+        supports restart: true, status: true
+        action   [:enable, :start]
+        provider service_provider
+      end
+    end
+  end
+end

data/cookbooks/rsyslog/metadata.json

@@ -0,0 +1 @@
+{"name":"rsyslog","version":"2.2.0","description":"Installs and configures rsyslog","long_description":"rsyslog Cookbook\n================\n[![Build Status](https://travis-ci.org/chef-cookbooks/rsyslog.svg?branch=master)](http://travis-ci.org/chef-cookbooks/rsyslog)\n[![Cookbook Version](https://img.shields.io/cookbook/v/rsyslog.svg)](https://supermarket.chef.io/cookbooks/rsyslog)\n\nInstalls and configures rsyslog to replace sysklogd for client and/or server use. By default, the service will be configured to log to files on local disk. See the Recipes and Examples sections for other uses.\n\n\nRequirements\n------------\n#### Platforms\n- Debian/Ubuntu\n- RHEL/CentOS/Scientific/Amazon/Oracle\n- Fedora 20+\n- OmniOS r151006c\n\n#### Chef\n- Chef 11+\n\n#### Cookbooks\n- none\n\n#### Other\nTo use the `recipe[rsyslog::client]` recipe, you'll need to set up the `rsyslog.server_search` or `rsyslog.server_ip` attributes.  See the __Recipes__ and __Examples__ sections below.\n\n\nAttributes\n----------\nSee `attributes/default.rb` for default values.\n\n* `node['rsyslog']['log_dir']` - If the node is an rsyslog server, this specifies the directory where the logs should be stored.\n* `node['rsyslog']['working_dir']` - The temporary working directory where messages are buffered\n* `node['rsyslog']['server']` - Determined automatically and set to true on the server.\n* `node['rsyslog']['server_ip']` - If not defined then search will be used to determine rsyslog server. Default is `nil`.  This can be a string or an array.\n* `node['rsyslog']['server_search']` - Specify the criteria for the server search operation. Default is `role:loghost`.\n* `node['rsyslog']['protocol']` - Specify whether to use `udp` or `tcp` for remote loghost. Default is `tcp`. To use both specify both in a string e.g. 'udptcp'.\n* `node['rsyslog']['bind']` - Specify the address to which the server should be listening; only use with `node['rsyslog']['protocol'] = 'udp'` because the feature does not work with the `tcp` protocol ([more info](http://www.rsyslog.com/doc/master/configuration/modules/imtcp.html#caveats-known-bugs)).\n* `node['rsyslog']['port']` - Specify the port which rsyslog should connect to a remote loghost.\n* `node['rsyslog']['remote_logs']` - Specify whether to send all logs to a remote server (client option). Default is `true`.\n* `node['rsyslog']['per_host_dir']` - \"PerHost\" directories for template statements in `35-server-per-host.conf`. Default value is the previous cookbook version's value, to preserve compatibility. See __server__ recipe below.\n* `node['rsyslog']['priv_seperation']` - Whether to use privilege separation or not.\n* `node['rsyslog']['priv_user']` - User to run as when using privilege separation. Defult is  `node['rsyslog']['user']`\n* `node['rsyslog']['priv_group']` - Group to run as when using privilege separation. Defult is  `node['rsyslog']['group']`\n* `node['rsyslog']['max_message_size']` - Specify the maximum allowed message size. Default is 2k.\n* `node['rsyslog']['user']` - Who should own the configuration files and directories\n* `node['rsyslog']['group']` - Who should group-own the configuration files and directories\n* `node['rsyslog']['defaults_file']` - The full path to the defaults/sysconfig file for the service.\n* `node['rsyslog']['service_name']` - The platform-specific name of the service\n* `node['rsyslog']['preserve_fqdn']` - Value of the `$PreserveFQDN` configuration directive in `/etc/rsyslog.conf`. Default is 'off' for compatibility purposes.\n* `node['rsyslog']['high_precision_timestamps']` -  Enable high precision timestamps, instead of the \"old style\" format.  Default is 'false'.\n* `node['rsyslog']['repeated_msg_reduction']` -  Value of `$RepeatedMsgReduction` configuration directive in `/etc/rsyslog.conf`. Default is 'on'\n* `node['rsyslog']['logs_to_forward']` -  Specifies what logs should be sent to the remote rsyslog server. Default is all ( \\*.\\* ).\n* `node['rsyslog']['default_log_dir']` - log directory used in `50-default.conf` template, defaults to `/var/log`\n* `node['rsyslog']['default_facility_logs']` - Hash containing log facilities and destinations used in `50-default.conf` template.\n* `node['rsyslog']['default_file_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for local log files.\n* `node['rsyslog']['default_remote_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for sending to remote servers.\n* `node['rsyslog']['rate_limit_interval']` - Value of the $SystemLogRateLimitInterval configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.\n* `node['rsyslog']['rate_limit_burst']` - Value of the $SystemLogRateLimitBurst configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.\n* `node['rsyslog']['action_queue_max_disk_space']` - Max amount of disk space the disk-assisted queue is allowed to use ([more info](http://www.rsyslog.com/doc/queues.html)).\n* `node['rsyslog']['enable_tls']` - Whether or not to enable TLS encryption.  When enabled, forces protocol to `tcp`. Default is `false`.\n* `node['rsyslog']['tls_ca_file']` - Path to TLS CA file. Required for both server and clients.\n* `node['rsyslog']['tls_certificate_file']` - Path to TLS certificate file. Required for server, optional for clients.\n* `node['rsyslog']['tls_key_file']` - Path to TLS key file. Required for server, optional for clients.\n* `node['rsyslog']['tls_auth_mode']` - Value for `$InputTCPServerStreamDriverAuthMode`/`$ActionSendStreamDriverAuthMode`, determines whether client certs are validated. Defaults to `anon` (no validation).\n* `node['rsyslog']['use_local_ipv4']` - Whether or not to make use the remote local IPv4 address on cloud systems when searching for servers (where available).  Default is 'false'.\n* `node['rsyslog']['allow_non_local']` - Whether or not to allow non-local messages. If 'false', incoming messages are only allowed from 127.0.0.1. Default is 'false'.\n* `node['rsyslog']['custom_remote']` - Array of hashes for configuring custom remote server targets\n* `node['rsyslog']['additional_directives']` - Hash of additional directives and their values to place in the main rsyslog config file\n\nRecipes\n-------\n### default\nInstalls the rsyslog package, manages the rsyslog service and sets up basic configuration for a standalone machine.\n\n### client\nIncludes `recipe[rsyslog]`.\n\nUses `node['rsyslog']['server_ip']` or Chef search (in that precedence order) to determine the remote syslog server's IP address. If search is used, the search query will look for the first `ipaddress` returned from the criteria specified in `node['rsyslog']['server_search']`.\n\nYou can use `node['rsyslog']['custom_config']` to define custom entries for sending logs to remote servers.\nAvailable attributes:\n```\n    'server': Ip/hostname of remote syslog server (Required)\n    'port': Port to send logs to\n    'logs': Syslog log facilities to send (auth, authpriv, daemon, etc)\n    'protocol': Can be tcp or udp\n    'remote_template': Rsyslog template used for the messages\n```\n\nExample:\n\n```ruby\nnode['rsyslog']['custom_remote'] = [{ 'server' => '10.10.4.4', 'port' => '567', 'logs' => 'auth.*,mail.*', 'protocol' => 'udp', 'remote_template' => 'RSYSLOG_SyslogProtocol23Format'},\n                                    { 'server' => '10.0.0.3', 'port' => '555', 'logs' => 'authpriv,daemon.*' } ]\n```\n\nThe server key is required; if other keys are left out, the default global values will be used (eg `node['rsyslog']['port']` will be used if 'port' is omitted)\n\n\nIf the node itself is a rsyslog server ie it has `rsyslog.server` set to true then the configuration is skipped.\n\nIf the node had an `/etc/rsyslog.d/35-server-per-host.conf` file previously configured, this file gets removed to prevent duplicate logging.\n\nAny previous logs are not cleaned up from the `log_dir`.\n\n### server\nConfigures the node to be a rsyslog server. The chosen rsyslog server node should be defined in the `server_ip` attribute or resolvable by the specified search criteria specified in `node['rsyslog']['server_search]` (so that nodes making use of the `client` recipe can find the server to log to).\n\nThis recipe will create the logs in `node['rsyslog']['log_dir']`, and the configuration is in `/etc/rsyslog.d/server.conf`. This recipe also removes any previous configuration to a remote server by removing the `/etc/rsyslog.d/remote.conf` file.\n\nThe cron job used in the previous version of this cookbook is removed, but it does not remove any existing cron job from your system (so it doesn't break anything unexpectedly). We recommend setting up logrotate for the logfiles instead.\n\nThe `log_dir` will be concatenated with `per_host_dir` to store the logs for each client. Modify the attribute to have a value that is allowed by rsyslogs template matching values, see the rsyslog documentation for this.\n\nDirectory structure:\n\n```erb\n<%= @log_dir %>/<%= @per_host_dir %>/\"logfile\"\n```\n\nFor example for the system with hostname `www`:\n\n```text\n/srv/rsyslog/2011/11/19/www/messages\n```\n\nFor example, to change this to just the hostname, set the attribute `node['rsyslog']['per_host_dir']` via a role:\n\n```ruby\n\"rsyslog\" => { \"per_host_dir\" => \"%HOSTNAME%\" }\n```\n\nAt this time, the server can only listen on UDP *or* TCP.\n\nResources\n=========\n\nfile_input\n----------\n\nConfigures a [text file input\nmonitor](http://www.rsyslog.com/doc/imfile.html) to push a log file into\nrsyslog.\n\nAttributes:\n* `name`: name of the resource, also used for the syslog tag. Required.\n* `file`: file path for input file to monitor. Required.\n* `priority`: config order priority. Defaults to `99`.\n* `severity`: syslog severity. Must be one of `emergency`, `alert`,\n`critical`, `error`, `warning`, `notice`, `info` or `debug`. If\nundefined, rsyslog interprets this as `notice`.\n* `facility`: syslog facility. Must be one of `auth`, `authpriv`,\n`daemon`, `cron`, `ftp`, `lpr`, `kern`, `mail`, `news`, `syslog`,\n`user`, `uucp`, `local0`, ... , `local7`. If undefined, rsyslog\ninterprets this as `local0`.\n* `cookbook`: cookbook containing the template. Defaults to `rsyslog`.\n* `source`: template file source. Defaults to `file-input.conf.erb`\n\n\nUsage\n=====\nUse `recipe[rsyslog]` to install and start rsyslog as a basic configured service for standalone systems.\n\nUse `recipe[rsyslog::client]` to have nodes log to a remote server (which is found via the `server_ip` attribute or by the recipe's search call -- see __client__)\n\nUse `recipe[rsyslog::server]` to set up a rsyslog server. It will listen on `node['rsyslog']['port']` protocol `node['rsyslog']['protocol']`.\n\nIf you set up a different kind of centralized loghost (syslog-ng, graylog2, logstash, etc), you can still send log messages to it as long as the port and protocol match up with the server software. See __Examples__\n\nUse `rsyslog_file_input` within your recipes to forward log files to\nyour remote syslog server.\n\n\n### Examples\nA `base` role (e.g., roles/base.rb), applied to all nodes so they are syslog clients:\n\n```ruby\nname \"base\"\ndescription \"Base role applied to all nodes\nrun_list(\"recipe[rsyslog::client]\")\n```\n\nThen, a role for the loghost (should only be one):\n\n```ruby\nname \"loghost\"\ndescription \"Central syslog server\"\nrun_list(\"recipe[rsyslog::server]\")\n```\n\nBy default this will set up the clients search for a node with the `loghost` role to talk to the server on TCP port 514. Change the `protocol` and `port` rsyslog attributes to modify this.\n\nIf you want to specify another syslog compatible server with a role other than loghost, simply fill free to use the `server_ip` attribute or the `server_search` attribute.\n\nExample role that sets the per host directory:\n\n```ruby\nname \"loghost\"\ndescription \"Central syslog server\"\nrun_list(\"recipe[rsyslog::server]\")\ndefault_attributes(\n  \"rsyslog\" => { \"per_host_dir\" => \"%HOSTNAME%\" }\n)\n```\n\nDefault rsyslog options are rendered for RHEL family platforms, in `/etc/rsyslog.d/50-default.conf`\nwith other platforms using a configuration like Debian family defaults.  You can override these\nlog facilities and destinations using the `rsyslog['default_facility_logs']` hash.\n\n```ruby\nname \"facility_log_example\"\nrun_list(\"recipe[rsyslog::default]\")\ndefault_attributes(\n  \"rsyslog\" => {\n    \"default_facility_logs\" => {\n      '*.info;mail.none;authpriv.none;cron.none' => \"/var/log/messages\",\n      'authpriv' => '/var/log/secure',\n      'mail.*' => '-/var/log/maillog',\n      '*.emerg' => '*'\n    }\n  }\n)\n```\n\nDevelopment\n-----------\nThis section details \"quick development\" steps. For a detailed explanation, see [[Contributing.md]].\n\n1. Clone this repository from GitHub:\n\n    $ git clone git@github.com:chef-cookbooks/rsyslog.git\n\n2. Create a git branch\n\n    $ git checkout -b my_bug_fix\n\n3. Install dependencies:\n\n    $ bundle install\n\n4. Make your changes/patches/fixes, committing appropriately\n5. **Write tests**\n6. Run the tests:\n    - bundle exec foodcritic -f any .\n    - bundle exec rspec\n    - bundle exec rubocop\n    - bundle exec kitchen test\n\n  In detail:\n    - Foodcritic will catch any Chef-specific style errors\n    - RSpec will run the unit tests\n    - Rubocop will check for Ruby-specific style errors\n    - Test Kitchen will run and converge the recipes\n\n\nLicense & Authors\n-----------------\n- Author:: Joshua Timberman (<joshua@chef.io>)\n- Author:: Denis Barishev (<denz@twiket.com>)\n- Author:: Tim Smith (<tsmith84@gmail.com>)\n\n```text\nCopyright:: 2009-2015, Chef Software, Inc\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{"ubuntu":">= 10.04","debian":">= 5.0","redhat":">= 5.0","centos":">= 5.0","fedora":">= 20.0","scientific":">= 0.0.0","amazon":">= 0.0.0","oracle":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{"rsyslog":{"display_name":"Rsyslog","description":"Hash of Rsyslog attributes","type":"hash"},"rsyslog/log_dir":{"display_name":"Rsyslog Log Directory","description":"Filesystem location of logs from clients","default":"/srv/rsyslog"},"rsyslog/server":{"display_name":"Rsyslog Server?","description":"Is this node an rsyslog server?","default":"false"},"rsyslog/server_ip":{"display_name":"Rsyslog Server IP Address","description":"Set rsyslog server ip address explicitly"},"rsyslog/server_search":{"display_name":"Rsyslog Server Search Criteria","description":"Set the search criteria for rsyslog server resolving","default":"role:loghost"},"rsyslog/protocol":{"display_name":"Rsyslog Protocol","description":"Set which network protocol to use for rsyslog","default":"tcp"},"rsyslog/port":{"display_name":"Rsyslog Port","description":"Port that Rsyslog listens for incoming connections","default":"514"},"rsyslog/remote_logs":{"display_name":"Remote Logs","description":"Specifies whether redirect all log from client to server","default":"true"},"rsyslog/user":{"display_name":"User","description":"The owner of Rsyslog config files and directories","default":"root"},"rsyslog/group":{"display_name":"Group","description":"The group-owner of Rsyslog config files and directories","default":"adm"},"rsyslog/service_name":{"display_name":"Service name","description":"The name of the service for the platform","default":"rsyslog"},"rsyslog/max_message_size":{"display_name":"Maximum Rsyslog message size","description":"Specifies the maximum size of allowable Rsyslog messages","default":"2k"},"rsyslog/preserve_fqdn":{"display_name":"Preserve FQDN","description":"Specifies if the short or full host name will be used. The default off setting is more compatible.","default":"off"},"rsyslog/repeated_msg_reduction":{"display_name":"Filter duplicated messages","description":"Specifies whether or not repeated messages should be reduced.","default":"on"},"rsyslog/priv_seperation":{"display_name":"Privilege separation","description":"Whether or not to make use of Rsyslog privilege separation","default":"false"},"rsyslog/default_file_template":{"display_name":"Default file log format template","description":"The name of a pre-defined log format template (ie - `RSYSLOG_FileFormat`), used for local log files."},"rsyslog/default_remote_template":{"display_name":"Default remote log format template","description":"The name of a pre-defined log format template (ie - `RSYSLOG_SyslogProtocol23Format`), used for remote log forwarding."},"rsyslog/enable_tls":{"display_name":"Enable TLS","description":"Whether or not to enable TLS encryption. When enabled, forces protocol to \"tcp\"","default":"false"},"rsyslog/tls_ca_file":{"display_name":"TLS CA file","description":"Path to TLS CA file. Required for both server and clients."},"rsyslog/tls_certificate_file":{"display_name":"TLS certificate file","description":"Path to TLS certificate file. Required for server, optional for clients."},"rsyslog/tls_key_file":{"display_name":"TLS key file","description":"Path to TLS key file. Required for server, optional for clients."},"rsyslog/tls_auth_mode":{"display_name":"TLS auth mode","description":"Value for \"$InputTCPServerStreamDriverAuthMode\"/\"$ActionSendStreamDriverAuthMode\", determines whether client certs are validated.","default":"anon"},"rsyslog/use_local_ipv4":{"display_name":"Try to use local IPv4 address","description":"Whether or not to make use the remote local IPv4 address on cloud systems when searching for servers (where available).","default":"false"},"rsyslog/allow_non_local":{"display_name":"Allow non-local messages","description":"Allow processing of messages coming any IP, not just 127.0.0.1","default":"false"}},"groupings":{},"recipes":{"rsyslog":"Installs rsyslog","rsyslog::client":"Sets up a client to log to a remote rsyslog server","rsyslog::server":"Sets up an rsyslog server"},"source_url":"https://github.com/chef-cookbooks/rsyslog","issues_url":"https://github.com/chef-cookbooks/rsyslog/issues"}

data/cookbooks/rsyslog/providers/file_input.rb

@@ -0,0 +1,44 @@
+# Cookbook Name:: rsyslog
+# Provider:: file_input
+#
+# Copyright 2012-2015, Joseph Holsten
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# support whyrun
+def whyrun_supported?
+  true
+end
+
+use_inline_resources
+
+include RsyslogCookbook::Helpers
+
+action :create do
+  declare_rsyslog_service
+
+  template "/etc/rsyslog.d/#{new_resource.priority}-#{new_resource.name}.conf" do
+    mode '0664'
+    owner node['rsyslog']['user']
+    group node['rsyslog']['group']
+    source new_resource.source
+    cookbook new_resource.cookbook
+    variables 'file_name' => new_resource.file,
+              'tag' => new_resource.name,
+              'state_file' => new_resource.name,
+              'severity' => new_resource.severity,
+              'facility' => new_resource.facility
+    notifies :restart, resources('service[rsyslog]')
+  end
+end