Initial Chef repository

2015-07-21 19:45:23 +02:00
parent 7e5401fc71
commit ee4079fa85
1151 changed files with 185163 additions and 0 deletions
--- a/cookbooks/rsyslog/recipes/client.rb
+++ b/cookbooks/rsyslog/recipes/client.rb
@@ -0,0 +1,72 @@
+#
+# Cookbook Name:: rsyslog
+# Recipe:: client
+#
+# Copyright 2009-2014, Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Do not run this recipe if the server attribute is set
+return if node['rsyslog']['server']
+
+include_recipe 'rsyslog::default'
+
+def chef_solo_search_installed?
+  klass = ::Search.const_get('Helper')
+  return klass.is_a?(Class)
+rescue NameError
+  return false
+end
+
+# On Chef Solo, we use the node['rsyslog']['server_ip'] attribute, and on
+# normal Chef, we leverage the search query.
+if Chef::Config[:solo] && !chef_solo_search_installed?
+  if node['rsyslog']['server_ip']
+    rsyslog_servers = Array(node['rsyslog']['server_ip'])
+  else
+    Chef::Application.fatal!("Chef Solo does not support search. You must set node['rsyslog']['server_ip'] or use the chef-solo-search cookbook!")
+  end
+else
+  results = search(:node, node['rsyslog']['server_search']).map do |server|
+    ipaddress = server['ipaddress']
+    # If both server and client are on the same cloud and local network, they may be
+    # instructed to communicate via the internal interface by enabling `use_local_ipv4`
+    if node['rsyslog']['use_local_ipv4'] && server.attribute?('cloud') && server['cloud']['local_ipv4']
+      ipaddress = server['cloud']['local_ipv4']
+    end
+    ipaddress
+  end
+  rsyslog_servers = Array(node['rsyslog']['server_ip']) + Array(results)
+end
+
+if rsyslog_servers.empty?
+  Chef::Application.fatal!('The rsyslog::client recipe was unable to determine the remote syslog server. Checked both the server_ip attribute and search!')
+end
+
+remote_type = node['rsyslog']['use_relp'] ? 'relp' : 'remote'
+
+template "#{node['rsyslog']['config_prefix']}/rsyslog.d/49-remote.conf" do
+  source    "49-#{remote_type}.conf.erb"
+  owner     'root'
+  group     'root'
+  mode      '0644'
+  variables(:servers => rsyslog_servers)
+  notifies  :restart, "service[#{node['rsyslog']['service_name']}]"
+  only_if   { node['rsyslog']['remote_logs'] }
+end
+
+file "#{node['rsyslog']['config_prefix']}/rsyslog.d/server.conf" do
+  action   :delete
+  notifies :restart, "service[#{node['rsyslog']['service_name']}]"
+end
--- a/cookbooks/rsyslog/recipes/default.rb
+++ b/cookbooks/rsyslog/recipes/default.rb
@@ -0,0 +1,89 @@
+#
+# Cookbook Name:: rsyslog
+# Recipe:: default
+#
+# Copyright 2009-2014, Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+extend RsyslogCookbook::Helpers
+
+package 'rsyslog'
+package 'rsyslog-relp' if node['rsyslog']['use_relp']
+
+if node['rsyslog']['enable_tls'] && node['rsyslog']['tls_ca_file']
+  Chef::Application.fatal!("Recipe rsyslog::default can not use 'enable_tls' with protocol '#{node['rsyslog']['protocol']}' (requires 'tcp')") unless node['rsyslog']['protocol'] == 'tcp'
+  package 'rsyslog-gnutls'
+end
+
+directory "#{node['rsyslog']['config_prefix']}/rsyslog.d" do
+  owner 'root'
+  group 'root'
+  mode  '0755'
+end
+
+directory node['rsyslog']['working_dir']  do
+  owner node['rsyslog']['user']
+  group node['rsyslog']['group']
+  mode  '0700'
+end
+
+# Our main stub which then does its own rsyslog-specific
+# include of things in /etc/rsyslog.d/*
+template "#{node['rsyslog']['config_prefix']}/rsyslog.conf" do
+  source  'rsyslog.conf.erb'
+  owner   'root'
+  group   'root'
+  mode    '0644'
+  notifies :restart, "service[#{node['rsyslog']['service_name']}]"
+end
+
+template "#{node['rsyslog']['config_prefix']}/rsyslog.d/50-default.conf" do
+  source  '50-default.conf.erb'
+  owner   'root'
+  group   'root'
+  mode    '0644'
+  notifies :restart, "service[#{node['rsyslog']['service_name']}]"
+end
+
+# syslog needs to be stopped before rsyslog can be started on RHEL versions before 6.0
+if platform_family?('rhel') && node['platform_version'].to_i < 6
+  service 'syslog' do
+    action [:stop, :disable]
+  end
+elsif platform_family?('smartos', 'omnios')
+  # syslog needs to be stopped before rsyslog can be started on SmartOS, OmniOS
+  service 'system-log' do
+    action :disable
+  end
+end
+
+if platform_family?('omnios')
+  # manage the SMF manifest on OmniOS
+  template '/var/svc/manifest/system/rsyslogd.xml' do
+    source 'omnios-manifest.xml.erb'
+    owner 'root'
+    group 'root'
+    mode '0644'
+    notifies :run, 'execute[import rsyslog manifest]', :immediately
+  end
+
+  execute 'import rsyslog manifest' do
+    action :nothing
+    command 'svccfg import /var/svc/manifest/system/rsyslogd.xml'
+    notifies :restart, "service[#{node['rsyslog']['service_name']}]"
+  end
+end
+
+declare_rsyslog_service
--- a/cookbooks/rsyslog/recipes/server.rb
+++ b/cookbooks/rsyslog/recipes/server.rb
@@ -0,0 +1,44 @@
+#
+# Cookbook Name:: rsyslog
+# Recipe:: server
+#
+# Copyright 2009-2014, Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Manually set this attribute
+node.set['rsyslog']['server'] = true
+
+include_recipe 'rsyslog::default'
+
+directory node['rsyslog']['log_dir'] do
+  owner    node['rsyslog']['user']
+  group    node['rsyslog']['group']
+  mode     '0755'
+  recursive true
+end
+
+template "#{node['rsyslog']['config_prefix']}/rsyslog.d/35-server-per-host.conf" do
+  source   '35-server-per-host.conf.erb'
+  owner    'root'
+  group    'root'
+  mode     '0644'
+  notifies :restart, "service[#{node['rsyslog']['service_name']}]"
+end
+
+file "#{node['rsyslog']['config_prefix']}/rsyslog.d/remote.conf" do
+  action   :delete
+  notifies :restart, "service[#{node['rsyslog']['service_name']}]"
+  only_if  { ::File.exist?("#{node['rsyslog']['config_prefix']}/rsyslog.d/remote.conf") }
+end