Initial Chef repository

2015-07-21 19:45:23 +02:00
parent 7e5401fc71
commit ee4079fa85
1151 changed files with 185163 additions and 0 deletions
--- a/cookbooks/rsyslog/templates/default/35-server-per-host.conf.erb
+++ b/cookbooks/rsyslog/templates/default/35-server-per-host.conf.erb
@@ -0,0 +1,62 @@
+# Generated by Chef
+# Local modifications will be overwritten
+
+<% if node['rsyslog']['use_relp'] -%>
+$ModLoad imrelp
+$InputRELPServerRun <%= node['rsyslog']['relp_port'] %>
+<% end -%>
+$DirGroup <%= node['rsyslog']['group'] %>
+$DirCreateMode 0755
+$FileGroup <%= node['rsyslog']['group'] %>
+
+$template PerHostAuth,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/auth.log"
+$template PerHostCron,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/cron.log"
+$template PerHostSyslog,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/syslog"
+$template PerHostDaemon,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/daemon.log"
+$template PerHostKern,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/kern.log"
+$template PerHostLpr,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/lpr.log"
+$template PerHostUser,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/user.log"
+$template PerHostMail,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/mail.log"
+$template PerHostMailInfo,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/mail.info"
+$template PerHostMailWarn,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/mail.warn"
+$template PerHostMailErr,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/mail.err"
+$template PerHostNewsCrit,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/news.crit"
+$template PerHostNewsErr,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/news.err"
+$template PerHostNewsNotice,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/news.notice"
+$template PerHostDebug,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/debug"
+$template PerHostMessages,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/messages"
+
+auth,authpriv.*         ?PerHostAuth
+*.*;auth,authpriv.none  -?PerHostSyslog
+cron.*                  ?PerHostCron
+daemon.*                -?PerHostDaemon
+kern.*                  -?PerHostKern
+lpr.*                   -?PerHostLpr
+mail.*                  -?PerHostMail
+user.*                  -?PerHostUser
+
+mail.info               -?PerHostMailInfo
+mail.warn               ?PerHostMailWarn
+mail.err                ?PerHostMailErr
+
+news.crit               ?PerHostNewsCrit
+news.err                ?PerHostNewsErr
+news.notice             -?PerHostNewsNotice
+
+*.=debug;\
+  auth,authpriv.none;\
+  news.none;mail.none   -?PerHostDebug
+
+*.=info;*.=notice;*.=warn;\
+  auth,authpriv.none;\
+  cron,daemon.none;\
+  mail,news.none        -?PerHostMessages
+
+
+<% unless node['rsyslog']['allow_non_local'] -%>
+#
+# Stop processing of all non-local messages. You can process remote messages
+# on levels less than 35.
+#
+:fromhost-ip,!isequal,"127.0.0.1" ~
+<% end -%>
--- a/cookbooks/rsyslog/templates/default/49-relp.conf.erb
+++ b/cookbooks/rsyslog/templates/default/49-relp.conf.erb
@@ -0,0 +1,10 @@
+# Generated by Chef
+$ModLoad omrelp
+$ActionQueueType LinkedList # use asynchronous processing
+$ActionQueueFileName srvrfwd # set file name, also enables disk mode
+$ActionResumeRetryCount -1 # infinite retries on insert failure
+$ActionQueueSaveOnShutdown on # save in-memory data if rsyslog shuts down
+
+<% @servers.each do |server| -%>
+*.* :omrelp:<%= "#{server}:#{node['rsyslog']['relp_port']}" %><%= node['rsyslog']['default_remote_template'] ? ';' + node['rsyslog']['default_remote_template'] : nil %>
+<% end -%>
--- a/cookbooks/rsyslog/templates/default/49-remote.conf.erb
+++ b/cookbooks/rsyslog/templates/default/49-remote.conf.erb
@@ -0,0 +1,28 @@
+# Generated by Chef
+$ActionQueueType LinkedList # use asynchronous processing
+$ActionQueueFileName srvrfwd # set file name, also enables disk mode
+$ActionResumeRetryCount -1 # infinite retries on insert failure
+$ActionQueueSaveOnShutdown on # save in-memory data if rsyslog shuts down
+$ActionQueueMaxDiskSpace <%= node['rsyslog']['action_queue_max_disk_space'] %> # Don't use more than this much space for the queue
+<% if node['rsyslog']['enable_tls'] && node['rsyslog']['tls_ca_file'] -%>
+$DefaultNetstreamDriverCAFile <%= node['rsyslog']['tls_ca_file'] %>
+<%   if node['rsyslog']['tls_certificate_file'] -%>
+$DefaultNetstreamDriverCertFile <%= node['rsyslog']['tls_certificate_file'] %>
+<%   end -%>
+<%   if node['rsyslog']['tls_key_file'] -%>
+$DefaultNetstreamDriverKeyFile <%= node['rsyslog']['tls_key_file'] %>
+<%   end -%>
+
+$DefaultNetstreamDriver gtls
+$ActionSendStreamDriverMode 1
+$ActionSendStreamDriverAuthMode <%= node['rsyslog']['tls_auth_mode'] %>
+<% end -%>
+
+<% @servers.each do |server| -%>
+<%   case node['rsyslog']['protocol'] -%>
+<%   when "tcp" -%>
+<%= node['rsyslog']['logs_to_forward'] %> @@<%= server %>:<%= node['rsyslog']['port'] %><%= node["rsyslog"]["default_remote_template"] ? ';' + node["rsyslog"]["default_remote_template"] : nil %>
+<%   when "udp" -%>
+<%= node['rsyslog']['logs_to_forward'] %> @<%= server %>:<%= node['rsyslog']['port'] %><%= node["rsyslog"]["default_remote_template"] ? ';' + node["rsyslog"]["default_remote_template"] : nil %>
+<%   end -%>
+<% end -%>
--- a/cookbooks/rsyslog/templates/default/50-default.conf.erb
+++ b/cookbooks/rsyslog/templates/default/50-default.conf.erb
@@ -0,0 +1,6 @@
+# Generated by Chef
+# For more information see rsyslog.conf(5) and /etc/rsyslog.conf
+
+<% node['rsyslog']['default_facility_logs'].each do |key, value| %>
+<%= key %>    <%= value %>
+<% end %>
--- a/cookbooks/rsyslog/templates/default/file-input.conf.erb
+++ b/cookbooks/rsyslog/templates/default/file-input.conf.erb
@@ -0,0 +1,15 @@
+# <%= @tag %>.conf - Syslog file inputs for <%= @tag %>
+#
+# Generated by Chef for <%= node['fqdn'] %>
+# Local modifications will be overwritten.
+$ModLoad imfile
+$InputFileName <%= @file_name %>
+$InputFileTag <%= @tag %>:
+$InputFileStateFile <%= @state_file %>
+<% if @severity %>
+$InputFileSeverity <%= @severity %>
+<% end %>
+<% if @facility %>
+$InputFileFacility <%= @facility %>
+<% end %>
+$InputRunFileMonitor
--- a/cookbooks/rsyslog/templates/default/omnios-manifest.xml.erb
+++ b/cookbooks/rsyslog/templates/default/omnios-manifest.xml.erb
@@ -0,0 +1,30 @@
+<?xml version='1.0'?>
+<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
+<service_bundle type='manifest' name='export'>
+  <service name='<%= node['rsyslog']['service_name'] %>' type='service' version='0'>
+    <create_default_instance enabled='true'/>
+    <single_instance/>
+    <dependency name='network' grouping='require_all' restart_on='error' type='service'>
+      <service_fmri value='svc:/milestone/network:default'/>
+    </dependency>
+    <dependency name='filesystem' grouping='require_all' restart_on='error' type='service'>
+      <service_fmri value='svc:/system/filesystem/local'/>
+    </dependency>
+    <method_context/>
+    <exec_method name='start' type='method' exec='/opt/omni/sbin/rsyslogd -f %{config_file}' timeout_seconds='60'/>
+    <exec_method name='stop' type='method' exec=':kill' timeout_seconds='60'/>
+    <property_group name='startd' type='framework'>
+      <propval name='duration' type='astring' value='contract'/>
+      <propval name='ignore_error' type='astring' value='core,signal'/>
+    </property_group>
+    <property_group name='application' type='application'>
+      <propval name='config_file' type='astring' value='<%= node["rsyslog"]["config_prefix"] %>/rsyslog.conf'/>
+    </property_group>
+    <stability value='Evolving'/>
+    <template>
+      <common_name>
+        <loctext xml:lang='C'>rsyslog daemon</loctext>
+      </common_name>
+    </template>
+  </service>
+</service_bundle>
--- a/cookbooks/rsyslog/templates/default/rsyslog.conf.erb
+++ b/cookbooks/rsyslog/templates/default/rsyslog.conf.erb
@@ -0,0 +1,106 @@
+# rsyslog configuration file - Generated by Chef
+# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
+# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html
+#
+# Set max message size
+#
+$MaxMessageSize <%= node['rsyslog']['max_message_size'] %>
+
+#
+# Preserve FQDN
+#
+$PreserveFQDN <%= node['rsyslog']['preserve_fqdn'] %>
+
+#################
+#### MODULES ####
+#################
+
+<% if node['rsyslog']['modules'] && !node['rsyslog']['modules'].empty? %>
+  <% [*node['rsyslog']['modules']].each do |mod| %>
+$ModLoad <%= mod %>
+  <% end %>
+<% end %>
+
+<% if node['rsyslog']['server'] -%>
+  <% if node['rsyslog']['enable_tls'] && node['rsyslog']['tls_ca_file'] &&
+        node['rsyslog']['tls_key_file'] && node['rsyslog']['tls_certificate_file'] -%>
+$DefaultNetstreamDriver gtls
+$DefaultNetstreamDriverCAFile <%= node['rsyslog']['tls_ca_file'] %>
+$DefaultNetstreamDriverCertFile <%= node['rsyslog']['tls_certificate_file'] %>
+$DefaultNetstreamDriverKeyFile <%= node['rsyslog']['tls_key_file'] %>
+
+$ModLoad imtcp
+
+$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
+$InputTCPServerStreamDriverAuthMode <%= node['rsyslog']['tls_auth_mode'] || 'anon' %>
+$InputTCPServerRun <%= node['rsyslog']['port'] %>
+# Provide <%= node['rsyslog']['protocol'].upcase %> log reception
+  <% else -%>
+<% case node['rsyslog']['protocol'] -%>
+<% when "tcp" -%>
+$ModLoad imtcp
+$InputTCPServerRun <%= node['rsyslog']['port'] %>
+<% when "udp" -%>
+$ModLoad imudp
+$UDPServerRun <%= node['rsyslog']['port'] %>
+<% end -%>
+  <% end -%>
+<% end -%>
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+<% if node["rsyslog"]["default_file_template"] -%>
+# 
+# Default log format template
+# 
+$ActionFileDefaultTemplate <%= node["rsyslog"]["default_file_template"] %>
+<% elsif !node["rsyslog"]["high_precision_timestamps"] -%>
+#
+# Use default timestamp format.
+# To enable high precision timestamps, comment out the following line.
+#
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+<% end -%>
+
+# Filter duplicated messages
+$RepeatedMsgReduction <%= node['rsyslog']['repeated_msg_reduction'] %>
+
+#
+# Set temporary directory to buffer syslog queue
+#
+$WorkDirectory <%= node['rsyslog']['working_dir'] %>
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner <%= node['rsyslog']['user'] %>
+$FileGroup <%= node['rsyslog']['group'] %>
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+<% if node['rsyslog']['priv_seperation'] %>
+$PrivDropToUser <%= node['rsyslog']['priv_user'] || node['rsyslog']['user'] %>
+$PrivDropToGroup <%= node['rsyslog']['priv_group'] || node['rsyslog']['group'] %>
+<% end %>
+<% unless node['rsyslog']['rate_limit_interval'].nil? %>
+#
+# Set the amount of time that is being measured for rate limiting
+#
+$SystemLogRateLimitInterval <%= node['rsyslog']['rate_limit_interval'] %>
+<% end %>
+<% unless node['rsyslog']['rate_limit_burst'].nil? %>
+#
+# Set the amount of messages, that have to occur in the time limit of
+#   SystemLogRateLimitInterval, to trigger rate limiting
+#
+$SystemLogRateLimitBurst <%= node['rsyslog']['rate_limit_burst'] %>
+<% end %>
+#
+# Include all config files in <%= node['rsyslog']['config_prefix'] %>/rsyslog.d/
+#
+$IncludeConfig <%= node['rsyslog']['config_prefix'] %>/rsyslog.d/*.conf
+<% node['rsyslog']['additional_directives'].each_pair do |k,v| %>
+$<%= k %> <%= v %>
+<% end %>