summaryrefslogtreecommitdiff
path: root/puppet/modules/rsyslog
diff options
context:
space:
mode:
authorMicah Anderson <micah@riseup.net>2016-11-04 10:54:28 -0400
committerMicah Anderson <micah@riseup.net>2016-11-04 10:54:28 -0400
commit34a381efa8f6295080c843f86bfa07d4e41056af (patch)
tree9282cf5d4c876688602705a7fa0002bc4a810bde /puppet/modules/rsyslog
parent0a72bc6fd292bf9367b314fcb0347c4d35042f16 (diff)
parent5821964ff7e16ca7aa9141bd09a77d355db492a9 (diff)
Merge branch 'develop'
Diffstat (limited to 'puppet/modules/rsyslog')
m---------puppet/modules/rsyslog0
-rw-r--r--puppet/modules/rsyslog/.fixtures.yml3
-rw-r--r--puppet/modules/rsyslog/.gemfile14
-rw-r--r--puppet/modules/rsyslog/.gitignore5
-rw-r--r--puppet/modules/rsyslog/.gitrepo11
-rw-r--r--puppet/modules/rsyslog/.travis.yml56
-rw-r--r--puppet/modules/rsyslog/LICENSE202
-rw-r--r--puppet/modules/rsyslog/README.md202
-rw-r--r--puppet/modules/rsyslog/Rakefile6
-rw-r--r--puppet/modules/rsyslog/lib/facter/rsyslog_version.rb38
-rw-r--r--puppet/modules/rsyslog/manifests/client.pp64
-rw-r--r--puppet/modules/rsyslog/manifests/config.pp51
-rw-r--r--puppet/modules/rsyslog/manifests/database.pp57
-rw-r--r--puppet/modules/rsyslog/manifests/imfile.pp48
-rw-r--r--puppet/modules/rsyslog/manifests/init.pp54
-rw-r--r--puppet/modules/rsyslog/manifests/install.pp32
-rw-r--r--puppet/modules/rsyslog/manifests/modload.pp15
-rw-r--r--puppet/modules/rsyslog/manifests/params.pp222
-rw-r--r--puppet/modules/rsyslog/manifests/server.pp70
-rw-r--r--puppet/modules/rsyslog/manifests/service.pp21
-rw-r--r--puppet/modules/rsyslog/manifests/snippet.pp35
-rw-r--r--puppet/modules/rsyslog/metadata.json62
-rw-r--r--puppet/modules/rsyslog/spec/classes/rsyslog_client_spec.rb146
-rw-r--r--puppet/modules/rsyslog/spec/classes/rsyslog_database_spec.rb308
-rw-r--r--puppet/modules/rsyslog/spec/classes/rsyslog_server_spec.rb182
-rw-r--r--puppet/modules/rsyslog/spec/classes/rsyslog_spec.rb469
-rw-r--r--puppet/modules/rsyslog/spec/defines/rsyslog_imfile_spec.rb169
-rw-r--r--puppet/modules/rsyslog/spec/defines/rsyslog_snippet_spec.rb157
-rw-r--r--puppet/modules/rsyslog/spec/spec.opts6
-rw-r--r--puppet/modules/rsyslog/spec/spec_helper.rb28
-rw-r--r--puppet/modules/rsyslog/templates/client.conf.erb180
-rw-r--r--puppet/modules/rsyslog/templates/database.conf.erb6
-rw-r--r--puppet/modules/rsyslog/templates/imfile.erb15
-rw-r--r--puppet/modules/rsyslog/templates/modload.erb3
-rw-r--r--puppet/modules/rsyslog/templates/rsyslog.conf.erb49
-rw-r--r--puppet/modules/rsyslog/templates/rsyslog_default.erb9
-rw-r--r--puppet/modules/rsyslog/templates/rsyslog_default_gentoo.erb16
-rw-r--r--puppet/modules/rsyslog/templates/rsyslog_default_rhel7.erb2
-rw-r--r--puppet/modules/rsyslog/templates/server-default.conf.erb42
-rw-r--r--puppet/modules/rsyslog/templates/server-hostname.conf.erb41
-rw-r--r--puppet/modules/rsyslog/templates/server/_default-footer.conf.erb13
-rw-r--r--puppet/modules/rsyslog/templates/server/_default-header.conf.erb36
-rw-r--r--puppet/modules/rsyslog/tests/database.pp9
-rw-r--r--puppet/modules/rsyslog/tests/init.pp1
-rw-r--r--puppet/modules/rsyslog/tests/log_templates.pp9
-rw-r--r--puppet/modules/rsyslog/tests/multiple_hosts.pp17
46 files changed, 3181 insertions, 0 deletions
diff --git a/puppet/modules/rsyslog b/puppet/modules/rsyslog
deleted file mode 160000
-Subproject b8ef11c23949d12732ad5cdaebb3023ff39a297
diff --git a/puppet/modules/rsyslog/.fixtures.yml b/puppet/modules/rsyslog/.fixtures.yml
new file mode 100644
index 00000000..b1fb3e0c
--- /dev/null
+++ b/puppet/modules/rsyslog/.fixtures.yml
@@ -0,0 +1,3 @@
+fixtures:
+ symlinks:
+ "rsyslog": "#{source_dir}"
diff --git a/puppet/modules/rsyslog/.gemfile b/puppet/modules/rsyslog/.gemfile
new file mode 100644
index 00000000..e9e12704
--- /dev/null
+++ b/puppet/modules/rsyslog/.gemfile
@@ -0,0 +1,14 @@
+source 'https://rubygems.org'
+
+group :development, :test do
+ gem 'rake', :require => false
+ gem 'puppet-lint', :require => false
+ gem 'rspec-puppet', :require => false
+ gem 'puppetlabs_spec_helper', :require => false
+end
+
+if puppetversion = ENV['PUPPET_GEM_VERSION']
+ gem 'puppet', puppetversion, :require => false
+else
+ gem 'puppet', :require => false
+end
diff --git a/puppet/modules/rsyslog/.gitignore b/puppet/modules/rsyslog/.gitignore
new file mode 100644
index 00000000..d51673f2
--- /dev/null
+++ b/puppet/modules/rsyslog/.gitignore
@@ -0,0 +1,5 @@
+pkg/
+*.swp
+.forge-releng
+/spec/fixtures
+.DS_Store
diff --git a/puppet/modules/rsyslog/.gitrepo b/puppet/modules/rsyslog/.gitrepo
new file mode 100644
index 00000000..fa9db13d
--- /dev/null
+++ b/puppet/modules/rsyslog/.gitrepo
@@ -0,0 +1,11 @@
+; DO NOT EDIT (unless you know what you are doing)
+;
+; This subdirectory is a git "subrepo", and this file is maintained by the
+; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme
+;
+[subrepo]
+ remote = https://leap.se/git/puppet_rsyslog
+ branch = master
+ commit = b8ef11c23949d12732ad5cdaebb3023ff39a297a
+ parent = 850a14b59444737f703686d0d1996bf09ab08e2b
+ cmdver = 0.3.0
diff --git a/puppet/modules/rsyslog/.travis.yml b/puppet/modules/rsyslog/.travis.yml
new file mode 100644
index 00000000..bf7edebb
--- /dev/null
+++ b/puppet/modules/rsyslog/.travis.yml
@@ -0,0 +1,56 @@
+---
+branches:
+ only:
+ - master
+language: ruby
+bundler_args: --without development
+script: bundle exec rake spec SPEC_OPTS='--format documentation'
+after_success:
+ - git clone -q git://github.com/puppetlabs/ghpublisher.git .forge-releng
+ - .forge-releng/publish
+rvm:
+ - 1.8.7
+ - 1.9.3
+ - 2.0.0
+ - 2.1.1
+env:
+ matrix:
+ - PUPPET_GEM_VERSION="~> 2.7.0"
+ - PUPPET_GEM_VERSION="~> 3.0.0"
+ - PUPPET_GEM_VERSION="~> 3.1.0"
+ - PUPPET_GEM_VERSION="~> 3.2.0"
+ - PUPPET_GEM_VERSION="~> 3.3.0"
+ - PUPPET_GEM_VERSION="~> 3.4.0"
+ - PUPPET_GEM_VERSION="~> 3.5.0"
+ global:
+ - PUBLISHER_LOGIN=saz
+ - secure: |-
+ EmipIx5A93xnHKwdHfuMPGNLjLz0M0wND0IyeucWhIHE+KtZ48oT+mO2XhnJSpu1DH
+ JaSoYgjQpCILvniWg76o+HY1bTDEP3AmUlxNFgfDAOAQfv0RHv2cEcgNxNrxsddx6S
+ Ks0FCvVkFgY703X+kBiYTpjP4SBzRe0y9OudSvk=
+matrix:
+ fast_finish: true
+ exclude:
+ - rvm: 1.9.3
+ env: PUPPET_GEM_VERSION="~> 2.7.0"
+ - rvm: 2.0.0
+ env: PUPPET_GEM_VERSION="~> 2.7.0"
+ - rvm: 2.0.0
+ env: PUPPET_GEM_VERSION="~> 3.0.0"
+ - rvm: 2.0.0
+ env: PUPPET_GEM_VERSION="~> 3.1.0"
+ - rvm: 2.1.1
+ env: PUPPET_GEM_VERSION="~> 2.7.0"
+ - rvm: 2.1.1
+ env: PUPPET_GEM_VERSION="~> 3.0.0"
+ - rvm: 2.1.1
+ env: PUPPET_GEM_VERSION="~> 3.1.0"
+ - rvm: 2.1.1
+ env: PUPPET_GEM_VERSION="~> 3.2.0"
+ - rvm: 2.1.1
+ env: PUPPET_GEM_VERSION="~> 3.3.0"
+ - rvm: 2.1.1
+ env: PUPPET_GEM_VERSION="~> 3.4.0"
+notifications:
+ email: false
+gemfile: .gemfile
diff --git a/puppet/modules/rsyslog/LICENSE b/puppet/modules/rsyslog/LICENSE
new file mode 100644
index 00000000..d6456956
--- /dev/null
+++ b/puppet/modules/rsyslog/LICENSE
@@ -0,0 +1,202 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/puppet/modules/rsyslog/README.md b/puppet/modules/rsyslog/README.md
new file mode 100644
index 00000000..d9292866
--- /dev/null
+++ b/puppet/modules/rsyslog/README.md
@@ -0,0 +1,202 @@
+# puppet-rsyslog [![Build Status](https://secure.travis-ci.org/saz/puppet-rsyslog.png)](https://travis-ci.org/saz/puppet-rsyslog)
+
+Manage rsyslog client and server via Puppet
+
+## REQUIREMENTS
+
+* Puppet >=2.6 if using parameterized classes
+* Currently supports Ubuntu >=11.04 & Debian running rsyslog >=4.5
+
+## USAGE
+
+### Client
+
+#### Using default values
+```
+ class { 'rsyslog::client': }
+```
+
+#### Variables and default values
+```
+ class { 'rsyslog::client':
+ log_remote => true,
+ spool_size => '1g',
+ remote_type => 'tcp',
+ remote_forward_format => 'RSYSLOG_ForwardFormat',
+ log_local => false,
+ log_auth_local => false,
+ custom_config => undef,
+ custom_params => undef,
+ server => 'log',
+ port => '514',
+ remote_servers => false,
+ ssl_ca => undef,
+ log_templates => false,
+ actionfiletemplate => false
+ }
+```
+for read from file
+```
+ rsyslog::imfile { 'my-imfile':
+ file_name => '/some/file',
+ file_tag => 'mytag',
+ file_facility => 'myfacility',
+ }
+
+```
+
+#### Defining custom logging templates
+
+The `log_templates` parameter can be used to set up custom logging templates, which can be used for local and/or remote logging. More detail on template formats can be found in the [rsyslog documentation](http://www.rsyslog.com/doc/rsyslog_conf_templates.html).
+
+The following examples sets up a custom logging template as per [RFC3164fmt](https://www.ietf.org/rfc/rfc3164.txt):
+
+```puppet
+class{'rsyslog::client':
+ log_templates => [
+ {
+ name => 'RFC3164fmt',
+ template => '<%PRI%>%TIMESTAMP% %HOSTNAME% %syslogtag%%msg%',
+ },
+ ]
+}
+```
+
+#### Logging to multiple remote servers
+
+The `remote_servers` parameter can be used to set up logging to multiple remote servers which are supplied as a list of key value pairs for each remote. There is an example configuration provided in `./test/multiple_hosts.pp`
+
+Using the `remote_servers` parameter over-rides the other remote sever parameters, and they will not be used in the client configuration file:
+* `log_remote`
+* `remote_type`
+* `server`
+* `port`
+
+The following example sets up three remote logging hosts for the client:
+
+```puppet
+class{'rsyslog::client':
+ remote_servers => [
+ {
+ host => 'logs.example.org',
+ },
+ {
+ port => '55514',
+ },
+ {
+ host => 'logs.somewhere.com',
+ port => '555',
+ pattern => '*.log',
+ protocol => 'tcp',
+ format => 'RFC3164fmt',
+ },
+ ]
+}
+```
+
+Each host has the following parameters:
+* *host*: Sets the address or hostname of the remote logging server. Defaults to `localhost`
+* *port*: Sets the port the host is listening on. Defaults to `514`
+* *pattern*: Sets the pattern to match logs. Defaults to `*.*`
+* *protocol*: Sets the protocol. Only recognises TCP and UDP. Defaults to UDP
+* *format*: Sets the log format. Defaults to not specifying log format, which defaults to the format set by `ActionFileDefaultTemplate` in the client configuration.
+
+#### Logging to a MySQL or PostgreSQL database
+
+Events can also be logged to a MySQL or PostgreSQL database. The database needs to be deployed separately, either locally or remotely. Schema are available from the `rsyslog` source:
+
+ * [MySQL schema](http://git.adiscon.com/?p=rsyslog.git;a=blob_plain;f=plugins/ommysql/createDB.sql)
+ * [PostgreSQL schema](http://git.adiscon.com/?p=rsyslog.git;a=blob_plain;f=plugins/ompgsql/createDB.sql)
+
+Declare the following to configure the connection:
+````
+ class { 'rsyslog::database':
+ backend => 'mysql',
+ server => 'localhost',
+ database => 'Syslog',
+ username => 'rsyslog',
+ password => 'secret',
+ }
+````
+### Server
+
+#### Using default values
+```
+ class { 'rsyslog::server': }
+```
+
+#### Variables and default values
+```
+ class { 'rsyslog::server':
+ enable_tcp => true,
+ enable_udp => true,
+ enable_onefile => false,
+ server_dir => '/srv/log/',
+ custom_config => undef,
+ high_precision_timestamps => false,
+ }
+```
+
+Both can be installed at the same time.
+
+## PARAMETERS
+
+The following lists all the class parameters this module accepts.
+
+ RSYSLOG::SERVER CLASS PARAMETERS VALUES DESCRIPTION
+ -------------------------------------------------------------------
+ enable_tcp true,false Enable TCP listener. Defaults to true.
+ enable_udp true,false Enable UDP listener. Defaults to true.
+ enable_onefile true,false Only one logfile per remote host. Defaults to false.
+ server_dir STRING Folder where logs will be stored on the server. Defaults to '/srv/log/'
+ custom_config STRING Specify your own template to use for server config. Defaults to undef. Example usage: custom_config => 'rsyslog/my_config.erb'
+ high_precision_timestamps true,false Whether or not to use high precision timestamps.
+ remote_servers HASH Provides a hash of multiple remote logging servers. Check documentation.
+
+ RSYSLOG::CLIENT CLASS PARAMETERS VALUES DESCRIPTION
+ -------------------------------------------------------------------
+ log_remote true,false Log Remotely. Defaults to true.
+ spool_size STRING Max size for disk queue if remote server failed. Defaults to '1g'.
+ remote_type 'tcp','udp' Which protocol to use when logging remotely. Defaults to 'tcp'.
+ remote_forward_format STRING Which forward format for remote servers should be used. Only used if remote_servers is false.
+ log_local true,false Log locally. Defaults to false.
+ log_auth_local true,false Just log auth facility locally. Defaults to false.
+ custom_config STRING Specify your own template to use for client config. Defaults to undef. Example usage: custom_config => 'rsyslog/my_config.erb'
+ custom_params TODO TODO
+ server STRING Rsyslog server to log to. Will be used in the client configuration file. Only used, if remote_servers is false.
+ port '514' Remote server port. Only used if remote_servers is false.
+ remote_servers Array of hashes Array of hashes with remote servers. See documentation above. Defaults to false.
+ ssl_ca STRING SSL CA file location. Defaults to undef.
+ log_templates HASH Provides a has defining custom logging templates using the `$template` configuration parameter.
+ actionfiletemplate STRING If set this defines the `ActionFileDefaultTemplate` which sets the default logging format for remote and local logging.
+
+ RSYSLOG::DATABASE CLASS PARAMETERS VALUES DESCRIPTION
+ -------------------------------------------------------------------
+ backend 'mysql','pgsql' Database backend (MySQL or PostgreSQL).
+ server STRING Database server.
+ database STRING Database name.
+ username STRING Database username.
+ password STRING Database password.
+
+### Other notes
+
+Due to a missing feature in current RELP versions (InputRELPServerBindRuleset option),
+remote logging is using TCP. You can switch between TCP and UDP. As soon as there is
+a new RELP version which supports setting Rulesets, I will add support for relp back.
+
+By default, rsyslog::server will strip numbers from hostnames. This means the logs of
+multiple servers with the same non-numerical name will be aggregrated in a single
+directory. i.e. www01 www02 and www02 would all log to the www directory.
+
+To log each host to a seperate directory, set the custom_config parameter to
+'rsyslog/server-hostname.conf.erb'
+
+If any of the following parameters are set to `false`, then the module will not
+manage the respective package:
+
+ gnutls_package_name
+ relp_package_name
+ rsyslog_package_name
+
+This can be used when using the adiscon PPA repository, that has merged rsyslog-gnutls
+with the main rsyslog package.
diff --git a/puppet/modules/rsyslog/Rakefile b/puppet/modules/rsyslog/Rakefile
new file mode 100644
index 00000000..469b83c6
--- /dev/null
+++ b/puppet/modules/rsyslog/Rakefile
@@ -0,0 +1,6 @@
+require 'puppetlabs_spec_helper/rake_tasks'
+
+# Enable puppet-lint for all manifests: rake lint
+require 'puppet-lint/tasks/puppet-lint'
+PuppetLint.configuration.send("disable_80chars") # no warnings on lines over 80 chars.
+PuppetLint.configuration.ignore_paths = ["spec/fixtures/**/*.pp"]
diff --git a/puppet/modules/rsyslog/lib/facter/rsyslog_version.rb b/puppet/modules/rsyslog/lib/facter/rsyslog_version.rb
new file mode 100644
index 00000000..de8531e8
--- /dev/null
+++ b/puppet/modules/rsyslog/lib/facter/rsyslog_version.rb
@@ -0,0 +1,38 @@
+# Fact: :syslog_package
+#
+# Purpose: retrieve installed rsyslog version
+#
+
+Facter.add(:rsyslog_version) do
+ setcode do
+ osfamily = Facter.value('osfamily')
+ case osfamily
+ when "Debian"
+ command='/usr/bin/dpkg-query -f \'${Status};${Version};\' -W rsyslog 2>/dev/null'
+ version = Facter::Util::Resolution.exec(command)
+ if version =~ /.*install ok installed;([^;]+);.*/
+ $1
+ else
+ nil
+ end
+ when "RedHat", "Suse"
+ command='rpm -qa --qf "%{VERSION}" "rsyslog"'
+ version = Facter::Util::Resolution.exec(command)
+ if version =~ /^(.+)$/
+ $1
+ else
+ nil
+ end
+ when "FreeBSD"
+ command='pkg query %v rsyslog'
+ version = Facter::Util::Resolution.exec(command)
+ if version =~ /^(.+)$/
+ $1
+ else
+ nil
+ end
+ else
+ nil
+ end
+ end
+end
diff --git a/puppet/modules/rsyslog/manifests/client.pp b/puppet/modules/rsyslog/manifests/client.pp
new file mode 100644
index 00000000..193aa336
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/client.pp
@@ -0,0 +1,64 @@
+# == Class: rsyslog::client
+#
+# Full description of class role here.
+#
+# === Parameters
+#
+# [*log_remote*]
+# [*spool_size*]
+# [*remote_type*]
+# [*remote_forward_format*]
+# [*log_local*]
+# [*log_auth_local*]
+# [*custom_config*]
+# [*custom_params*]
+# [*server*]
+# [*port*]
+# [*remote_servers*]
+# [*ssl_ca*]
+# [*log_templates*]
+# [*actionfiletemplate*]
+#
+# === Variables
+#
+# === Examples
+#
+# class { 'rsyslog::client': }
+#
+class rsyslog::client (
+ $log_remote = true,
+ $spool_size = '1g',
+ $remote_type = 'tcp',
+ $remote_forward_format = 'RSYSLOG_ForwardFormat',
+ $log_local = false,
+ $log_auth_local = false,
+ $custom_config = undef,
+ $custom_params = undef,
+ $server = 'log',
+ $port = '514',
+ $remote_servers = false,
+ $ssl_ca = undef,
+ $log_templates = false,
+ $actionfiletemplate = false
+) inherits rsyslog {
+
+ if $custom_config {
+ $content_real = template($custom_config)
+ } else {
+ $content_real = template("${module_name}/client.conf.erb")
+ }
+
+ rsyslog::snippet { $rsyslog::client_conf:
+ ensure => present,
+ content => $content_real,
+ }
+
+ if $rsyslog::ssl and $ssl_ca == undef {
+ fail('You need to define $ssl_ca in order to use SSL.')
+ }
+
+ if $rsyslog::ssl and $remote_type != 'tcp' {
+ fail('You need to enable tcp in order to use SSL.')
+ }
+
+}
diff --git a/puppet/modules/rsyslog/manifests/config.pp b/puppet/modules/rsyslog/manifests/config.pp
new file mode 100644
index 00000000..1aebe47b
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/config.pp
@@ -0,0 +1,51 @@
+# == Class: rsyslog::config
+#
+# Full description of class role here.
+#
+# === Parameters
+#
+# === Variables
+#
+# === Examples
+#
+# class { 'rsyslog::config': }
+#
+class rsyslog::config {
+ file { $rsyslog::rsyslog_d:
+ ensure => directory,
+ owner => 'root',
+ group => $rsyslog::run_group,
+ purge => $rsyslog::purge_rsyslog_d,
+ recurse => true,
+ force => true,
+ require => Class['rsyslog::install'],
+ }
+
+ file { $rsyslog::rsyslog_conf:
+ ensure => file,
+ owner => 'root',
+ group => $rsyslog::run_group,
+ content => template("${module_name}/rsyslog.conf.erb"),
+ require => Class['rsyslog::install'],
+ notify => Class['rsyslog::service'],
+ }
+
+ file { $rsyslog::rsyslog_default:
+ ensure => file,
+ owner => 'root',
+ group => $rsyslog::run_group,
+ content => template("${module_name}/${rsyslog::rsyslog_default_file}.erb"),
+ require => Class['rsyslog::install'],
+ notify => Class['rsyslog::service'],
+ }
+
+ file { $rsyslog::spool_dir:
+ ensure => directory,
+ owner => 'root',
+ group => $rsyslog::run_group,
+ seltype => 'syslogd_var_lib_t',
+ require => Class['rsyslog::install'],
+ notify => Class['rsyslog::service'],
+ }
+
+}
diff --git a/puppet/modules/rsyslog/manifests/database.pp b/puppet/modules/rsyslog/manifests/database.pp
new file mode 100644
index 00000000..fe6d6ac8
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/database.pp
@@ -0,0 +1,57 @@
+# == Class: rsyslog::database
+#
+# Full description of class role here.
+#
+# === Parameters
+#
+# [*backend*] - Which backend server to use (mysql|pgsql)
+# [*server*] - Server hostname
+# [*database*] - Database name
+# [*username*] - Database username
+# [*password*] - Database password
+#
+# === Variables
+#
+# === Examples
+#
+# class { 'rsyslog::database':
+# backend => 'mysql',
+# server => 'localhost',
+# database => 'mydb',
+# username => 'myuser',
+# password => 'mypass',
+# }
+#
+class rsyslog::database (
+ $backend,
+ $server,
+ $database,
+ $username,
+ $password
+) inherits rsyslog {
+
+ $db_module = "om${backend}"
+ $db_conf = "${rsyslog::rsyslog_d}${backend}.conf"
+
+ case $backend {
+ mysql: { $db_package = $rsyslog::mysql_package_name }
+ pgsql: { $db_package = $rsyslog::pgsql_package_name }
+ default: { fail("Unsupported backend: ${backend}. Only MySQL (mysql) and PostgreSQL (pgsql) are supported.") }
+ }
+
+ package { $db_package:
+ ensure => $rsyslog::package_status,
+ before => File[$db_conf],
+ }
+
+ file { $db_conf:
+ ensure => present,
+ owner => 'root',
+ group => $rsyslog::run_group,
+ mode => '0600',
+ content => template("${module_name}/database.conf.erb"),
+ require => Class['rsyslog::config'],
+ notify => Class['rsyslog::service'],
+ }
+
+}
diff --git a/puppet/modules/rsyslog/manifests/imfile.pp b/puppet/modules/rsyslog/manifests/imfile.pp
new file mode 100644
index 00000000..bd0afa36
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/imfile.pp
@@ -0,0 +1,48 @@
+# == Define: rsyslog::imfile
+#
+# Full description of class role here.
+#
+# === Parameters
+#
+# [*file_name*]
+# [*file_tag*]
+# [*file_facility*]
+# [*polling_interval*]
+# [*file_severity*]
+# [*run_file_monitor*]
+# [*persist_state_interval]
+#
+# === Variables
+#
+# === Examples
+#
+# rsyslog::imfile { 'my-imfile':
+# file_name => '/some/file',
+# file_tag => 'mytag',
+# file_facility => 'myfacility',
+# }
+#
+define rsyslog::imfile(
+ $file_name,
+ $file_tag,
+ $file_facility,
+ $polling_interval = 10,
+ $file_severity = 'notice',
+ $run_file_monitor = true,
+ $persist_state_interval = 0,
+) {
+
+
+ include rsyslog
+ $extra_modules = $rsyslog::extra_modules
+
+ file { "${rsyslog::rsyslog_d}${name}.conf":
+ ensure => file,
+ owner => 'root',
+ group => $rsyslog::run_group,
+ content => template('rsyslog/imfile.erb'),
+ require => Class['rsyslog::install'],
+ notify => Class['rsyslog::service'],
+ }
+
+}
diff --git a/puppet/modules/rsyslog/manifests/init.pp b/puppet/modules/rsyslog/manifests/init.pp
new file mode 100644
index 00000000..76d61023
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/init.pp
@@ -0,0 +1,54 @@
+# == Class: rsyslog
+#
+# Meta class to install rsyslog with a basic configuration.
+# You probably want rsyslog::client or rsyslog::server
+#
+# === Parameters
+#
+# === Variables
+#
+# === Examples
+#
+# class { 'rsyslog': }
+#
+class rsyslog (
+ $rsyslog_package_name = $rsyslog::params::rsyslog_package_name,
+ $relp_package_name = $rsyslog::params::relp_package_name,
+ $mysql_package_name = $rsyslog::params::mysql_package_name,
+ $pgsql_package_name = $rsyslog::params::pgsql_package_name,
+ $gnutls_package_name = $rsyslog::params::gnutls_package_name,
+ $package_status = $rsyslog::params::package_status,
+ $rsyslog_d = $rsyslog::params::rsyslog_d,
+ $purge_rsyslog_d = $rsyslog::params::purge_rsyslog_d,
+ $rsyslog_conf = $rsyslog::params::rsyslog_conf,
+ $rsyslog_default = $rsyslog::params::rsyslog_default,
+ $rsyslog_default_file = $rsyslog::params::default_config_file,
+ $run_user = $rsyslog::params::run_user,
+ $run_group = $rsyslog::params::run_group,
+ $log_user = $rsyslog::params::log_user,
+ $log_group = $rsyslog::params::log_group,
+ $log_style = $rsyslog::params::log_style,
+ $umask = $rsyslog::params::umask,
+ $perm_file = $rsyslog::params::perm_file,
+ $perm_dir = $rsyslog::params::perm_dir,
+ $spool_dir = $rsyslog::params::spool_dir,
+ $service_name = $rsyslog::params::service_name,
+ $service_hasrestart = $rsyslog::params::service_hasrestart,
+ $service_hasstatus = $rsyslog::params::service_hasstatus,
+ $client_conf = $rsyslog::params::client_conf,
+ $server_conf = $rsyslog::params::server_conf,
+ $ssl = $rsyslog::params::ssl,
+ $modules = $rsyslog::params::modules,
+ $preserve_fqdn = $rsyslog::params::preserve_fqdn,
+ $max_message_size = $rsyslog::params::max_message_size,
+ $extra_modules = $rsyslog::params::extra_modules
+) inherits rsyslog::params {
+ class { 'rsyslog::install': }
+ class { 'rsyslog::config': }
+
+ if $extra_modules != [] {
+ class { 'rsyslog::modload': }
+ }
+
+ class { 'rsyslog::service': }
+}
diff --git a/puppet/modules/rsyslog/manifests/install.pp b/puppet/modules/rsyslog/manifests/install.pp
new file mode 100644
index 00000000..9798b3f4
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/install.pp
@@ -0,0 +1,32 @@
+# == Class: rsyslog::install
+#
+# This class makes sure that the required packages are installed
+#
+# === Parameters
+#
+# === Variables
+#
+# === Examples
+#
+# class { 'rsyslog::install': }
+#
+class rsyslog::install {
+ if $rsyslog::rsyslog_package_name != false {
+ package { $rsyslog::rsyslog_package_name:
+ ensure => $rsyslog::package_status,
+ }
+ }
+
+ if $rsyslog::relp_package_name != false {
+ package { $rsyslog::relp_package_name:
+ ensure => $rsyslog::package_status
+ }
+ }
+
+ if $rsyslog::gnutls_package_name != false {
+ package { $rsyslog::gnutls_package_name:
+ ensure => $rsyslog::package_status
+ }
+ }
+
+}
diff --git a/puppet/modules/rsyslog/manifests/modload.pp b/puppet/modules/rsyslog/manifests/modload.pp
new file mode 100644
index 00000000..7a838af1
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/modload.pp
@@ -0,0 +1,15 @@
+# == Class: rsyslog::modload
+#
+
+class rsyslog::modload (
+ $modload_filename = '10-modload.conf',
+) {
+ file { "${rsyslog::rsyslog_d}${modload_filename}":
+ ensure => file,
+ owner => 'root',
+ group => $rsyslog::run_group,
+ content => template('rsyslog/modload.erb'),
+ require => Class['rsyslog::install'],
+ notify => Class['rsyslog::service'],
+ }
+}
diff --git a/puppet/modules/rsyslog/manifests/params.pp b/puppet/modules/rsyslog/manifests/params.pp
new file mode 100644
index 00000000..12a67cef
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/params.pp
@@ -0,0 +1,222 @@
+# == Class: rsyslog::params
+#
+# This defines default configuration values for rsyslog.
+# You don't want to use it directly.
+#
+# === Parameters
+#
+# === Variables
+#
+# === Examples
+#
+# class { 'rsyslog::params': }
+#
+class rsyslog::params {
+
+ $max_message_size = '2k'
+ $purge_rsyslog_d = false
+ $extra_modules = []
+ $run_user = 'root'
+ $log_user = 'root'
+ $preserve_fqdn = false
+
+ case $::osfamily {
+ debian: {
+ $rsyslog_package_name = 'rsyslog'
+ $relp_package_name = 'rsyslog-relp'
+ $mysql_package_name = 'rsyslog-mysql'
+ $pgsql_package_name = 'rsyslog-pgsql'
+ $gnutls_package_name = 'rsyslog-gnutls'
+ $package_status = 'latest'
+ $rsyslog_d = '/etc/rsyslog.d/'
+ $rsyslog_conf = '/etc/rsyslog.conf'
+ $rsyslog_default = '/etc/default/rsyslog'
+ $default_config_file = 'rsyslog_default'
+ $run_group = 'root'
+ $log_group = 'adm'
+ $log_style = 'debian'
+ $umask = false
+ $perm_file = '0640'
+ $perm_dir = '0755'
+ $spool_dir = '/var/spool/rsyslog'
+ $service_name = 'rsyslog'
+ $client_conf = 'client'
+ $server_conf = 'server'
+ $ssl = false
+ $modules = [
+ '$ModLoad imuxsock # provides support for local system logging',
+ '$ModLoad imklog # provides kernel logging support (previously done by rklogd)',
+ '#$ModLoad immark # provides --MARK-- message capability',
+ ]
+ $service_hasrestart = true
+ $service_hasstatus = true
+
+ }
+ redhat: {
+ if $::operatingsystem == 'Amazon' {
+ $rsyslog_package_name = 'rsyslog'
+ $mysql_package_name = 'rsyslog-mysql'
+ $pgsql_package_name = 'rsyslog-pgsql'
+ $gnutls_package_name = 'rsyslog-gnutls'
+ $relp_package_name = false
+ $default_config_file = 'rsyslog_default'
+ $modules = [
+ '$ModLoad imuxsock # provides support for local system logging',
+ '$ModLoad imklog # provides kernel logging support (previously done by rklogd)',
+ '#$ModLoad immark # provides --MARK-- message capability',
+ ]
+ }
+ elsif $::operatingsystemmajrelease == 6 {
+ $rsyslog_package_name = 'rsyslog'
+ $mysql_package_name = 'rsyslog-mysql'
+ $pgsql_package_name = 'rsyslog-pgsql'
+ $gnutls_package_name = 'rsyslog-gnutls'
+ $relp_package_name = 'rsyslog-relp'
+ $default_config_file = 'rsyslog_default'
+ $modules = [
+ '$ModLoad imuxsock # provides support for local system logging',
+ '$ModLoad imklog # provides kernel logging support (previously done by rklogd)',
+ '#$ModLoad immark # provides --MARK-- message capability',
+ ]
+ }
+ elsif $::operatingsystemmajrelease >= 7 {
+ $rsyslog_package_name = 'rsyslog'
+ $mysql_package_name = 'rsyslog-mysql'
+ $pgsql_package_name = 'rsyslog-pgsql'
+ $gnutls_package_name = 'rsyslog-gnutls'
+ $relp_package_name = 'rsyslog-relp'
+ $default_config_file = 'rsyslog_default_rhel7'
+ $modules = [
+ '$ModLoad imuxsock # provides support for local system logging',
+ '$ModLoad imjournal # provides access to the systemd journal',
+ '#$ModLoad imklog # provides kernel logging support (previously done by rklogd)',
+ '#$ModLoad immark # provides --MARK-- message capability',
+ ]
+ } else {
+ $rsyslog_package_name = 'rsyslog5'
+ $mysql_package_name = 'rsyslog5-mysql'
+ $pgsql_package_name = 'rsyslog5-pgsql'
+ $gnutls_package_name = 'rsyslog5-gnutls'
+ $relp_package_name = 'librelp'
+ $default_config_file = 'rsyslog_default'
+ $modules = [
+ '$ModLoad imuxsock # provides support for local system logging',
+ '$ModLoad imklog # provides kernel logging support (previously done by rklogd)',
+ '#$ModLoad immark # provides --MARK-- message capability',
+ ]
+ }
+ $package_status = 'latest'
+ $rsyslog_d = '/etc/rsyslog.d/'
+ $rsyslog_conf = '/etc/rsyslog.conf'
+ $rsyslog_default = '/etc/sysconfig/rsyslog'
+ $run_group = 'root'
+ $log_group = 'root'
+ $log_style = 'redhat'
+ $umask = '0000'
+ $perm_file = '0600'
+ $perm_dir = '0750'
+ $spool_dir = '/var/lib/rsyslog'
+ $service_name = 'rsyslog'
+ $client_conf = 'client'
+ $server_conf = 'server'
+ $ssl = false
+ $service_hasrestart = true
+ $service_hasstatus = true
+ }
+ suse: {
+ $rsyslog_package_name = 'rsyslog'
+ $relp_package_name = false
+ $mysql_package_name = false
+ $pgsql_package_name = false
+ $gnutls_package_name = false
+ $package_status = 'latest'
+ $rsyslog_d = '/etc/rsyslog.d/'
+ $rsyslog_conf = '/etc/rsyslog.conf'
+ $rsyslog_default = '/etc/sysconfig/syslog'
+ $run_group = 'root'
+ $log_group = 'root'
+ $log_style = 'debian'
+ $umask = false
+ $perm_file = '0600'
+ $perm_dir = '0750'
+ $spool_dir = '/var/spool/rsyslog/'
+ $service_name = 'syslog'
+ $client_conf = 'client'
+ $server_conf = 'server'
+ $modules = [
+ '$ModLoad imuxsock # provides support for local system logging',
+ '$ModLoad imklog # provides kernel logging support (previously done by rklogd)',
+ '#$ModLoad immark # provides --MARK-- message capability',
+ ]
+ }
+ freebsd: {
+ $rsyslog_package_name = 'sysutils/rsyslog5'
+ $relp_package_name = 'sysutils/rsyslog5-relp'
+ $mysql_package_name = 'sysutils/rsyslog5-mysql'
+ $pgsql_package_name = 'sysutils/rsyslog5-pgsql'
+ $gnutls_package_name = 'sysutils/rsyslog5-gnutls'
+ $package_status = 'present'
+ $rsyslog_d = '/etc/syslog.d/'
+ $rsyslog_conf = '/etc/syslog.conf'
+ $rsyslog_default = '/etc/defaults/syslogd'
+ $default_config_file = 'rsyslog_default'
+ $run_group = 'wheel'
+ $log_group = 'wheel'
+ $log_style = 'debian'
+ $umask = false
+ $perm_file = '0640'
+ $perm_dir = '0755'
+ $spool_dir = '/var/spool/syslog'
+ $service_name = 'syslogd'
+ $client_conf = 'client'
+ $server_conf = 'server'
+ $ssl = false
+ $modules = [
+ '$ModLoad imuxsock # provides support for local system logging',
+ '$ModLoad imklog # provides kernel logging support (previously done by rklogd)',
+ '#$ModLoad immark # provides --MARK-- message capability',
+ ]
+ $service_hasrestart = true
+ $service_hasstatus = true
+ }
+
+ default: {
+ case $::operatingsystem {
+ gentoo: {
+ $rsyslog_package_name = 'app-admin/rsyslog'
+ $relp_package_name = false
+ $mysql_package_name = 'rsyslog-mysql'
+ $pgsql_package_name = 'rsyslog-pgsql'
+ $gnutls_package_name = false
+ $package_status = 'latest'
+ $rsyslog_d = '/etc/rsyslog.d/'
+ $rsyslog_conf = '/etc/rsyslog.conf'
+ $rsyslog_default = '/etc/conf.d/rsyslog'
+ $default_config_file = 'rsyslog_default_gentoo'
+ $run_group = 'root'
+ $log_group = 'adm'
+ $log_style = 'debian'
+ $umask = false
+ $perm_file = '0640'
+ $perm_dir = '0755'
+ $spool_dir = '/var/spool/rsyslog'
+ $service_name = 'rsyslog'
+ $client_conf = 'client'
+ $server_conf = 'server'
+ $ssl = false
+ $modules = [
+ '$ModLoad imuxsock # provides support for local system logging',
+ '$ModLoad imklog # provides kernel logging support (previously done by rklogd)',
+ '#$ModLoad immark # provides --MARK-- message capability',
+ ]
+ $service_hasrestart = true
+ $service_hasstatus = true
+
+ }
+ default: {
+ fail("The ${module_name} module is not supported on ${::osfamily}/${::operatingsystem}.")
+ }
+ }
+ }
+ }
+}
diff --git a/puppet/modules/rsyslog/manifests/server.pp b/puppet/modules/rsyslog/manifests/server.pp
new file mode 100644
index 00000000..13ee56de
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/server.pp
@@ -0,0 +1,70 @@
+# == Class: rsyslog::server
+#
+# This class configures rsyslog for a server role.
+#
+# === Parameters
+#
+# [*enable_tcp*]
+# [*enable_udp*]
+# [*enable_onefile*]
+# [*server_dir*]
+# [*custom_config*]
+# [*high_precision_timestamps*]
+# [*ssl_ca*]
+# [*ssl_cert*]
+# [*ssl_key*]
+#
+# === Variables
+#
+# === Examples
+#
+# Defaults
+#
+# class { 'rsyslog::server': }
+#
+# Create seperate directory per host
+#
+# class { 'rsyslog::server':
+# custom_config => 'rsyslog/server-hostname.conf.erb'
+# }
+#
+class rsyslog::server (
+ $enable_tcp = true,
+ $enable_udp = true,
+ $enable_onefile = false,
+ $server_dir = '/srv/log/',
+ $custom_config = undef,
+ $port = '514',
+ $high_precision_timestamps = false,
+ $ssl_ca = undef,
+ $ssl_cert = undef,
+ $ssl_key = undef,
+ $rotate = undef
+) inherits rsyslog {
+
+ ### Logrotate policy
+ $logpath = $rotate ? {
+ 'year' => '/%$YEAR%/',
+ 'YEAR' => '/%$YEAR%/',
+ 'month' => '/%$YEAR%/%$MONTH%/',
+ 'MONTH' => '/%$YEAR%/%$MONTH%/',
+ 'day' => '/%$YEAR%/%$MONTH%/%$DAY%/',
+ 'DAY' => '/%$YEAR%/%$MONTH%/%$DAY%/',
+ default => '/',
+ }
+
+ if $custom_config {
+ $real_content = template($custom_config)
+ } else {
+ $real_content = template("${module_name}/server-default.conf.erb")
+ }
+
+ rsyslog::snippet { $rsyslog::server_conf:
+ ensure => present,
+ content => $real_content,
+ }
+
+ if $rsyslog::ssl and (!$enable_tcp or $ssl_ca == undef or $ssl_cert == undef or $ssl_key == undef) {
+ fail('You need to define all the ssl options and enable tcp in order to use SSL.')
+ }
+}
diff --git a/puppet/modules/rsyslog/manifests/service.pp b/puppet/modules/rsyslog/manifests/service.pp
new file mode 100644
index 00000000..4be19999
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/service.pp
@@ -0,0 +1,21 @@
+# == Class: rsyslog::service
+#
+# This class enforces running of the rsyslog service.
+#
+# === Parameters
+#
+# === Variables
+#
+# === Examples
+#
+# class { 'rsyslog::service': }
+#
+class rsyslog::service {
+ service { $rsyslog::service_name:
+ ensure => running,
+ enable => true,
+ hasstatus => $rsyslog::service_hasstatus,
+ hasrestart => $rsyslog::service_hasrestart,
+ require => Class['rsyslog::config'],
+ }
+}
diff --git a/puppet/modules/rsyslog/manifests/snippet.pp b/puppet/modules/rsyslog/manifests/snippet.pp
new file mode 100644
index 00000000..f6383963
--- /dev/null
+++ b/puppet/modules/rsyslog/manifests/snippet.pp
@@ -0,0 +1,35 @@
+# == Define: rsyslog::snippet
+#
+# This class allows for you to create a rsyslog configuration file with
+# whatever content you pass in.
+#
+# === Parameters
+#
+# [*content*] - The actual content to place in the file.
+# [*ensure*] - How to enforce the file (default: present)
+#
+# === Variables
+#
+# === Examples
+#
+# rsyslog::snippet { 'my-rsyslog-config':
+# content => '<Some rsyslog directive>',
+# }
+#
+define rsyslog::snippet(
+ $content,
+ $ensure = 'present'
+) {
+
+ include rsyslog
+
+ file { "${rsyslog::rsyslog_d}${name}.conf":
+ ensure => $ensure,
+ owner => $rsyslog::run_user,
+ group => $rsyslog::run_group,
+ content => "# This file is managed by Puppet, changes may be overwritten\n${content}\n",
+ require => Class['rsyslog::config'],
+ notify => Class['rsyslog::service'],
+ }
+
+}
diff --git a/puppet/modules/rsyslog/metadata.json b/puppet/modules/rsyslog/metadata.json
new file mode 100644
index 00000000..c9338eef
--- /dev/null
+++ b/puppet/modules/rsyslog/metadata.json
@@ -0,0 +1,62 @@
+{
+ "name": "saz-rsyslog",
+ "version": "3.4.0",
+ "author": "saz",
+ "summary": "Manage rsyslog client and server",
+ "license": "Apache License, Version 2.0",
+ "source": "https://github.com/saz/puppet-rsyslog.git",
+ "project_page": "https://github.com/saz/puppet-rsyslog",
+ "issues_url": "https://github.com/saz/puppet-rsyslog/issues",
+ "operatingsystem_support": [
+ {
+ "operatingsystem": "RedHat"
+ },
+ {
+ "operatingsystem": "Amazon"
+ },
+ {
+ "operatingsystem": "CentOS"
+ },
+ {
+ "operatingsystem": "SuSe"
+ },
+ {
+ "operatingsystem": "SLES"
+ },
+ {
+ "operatingsystem": "OracleLinux"
+ },
+ {
+ "operatingsystem": "Scientific"
+ },
+ {
+ "operatingsystem": "Debian"
+ },
+ {
+ "operatingsystem": "Ubuntu"
+ },
+ {
+ "operatingsystem": "FreeBSD"
+ },
+ {
+ "operatingsystem": "Gentoo"
+ }
+ ],
+ "requirements": [
+ {
+ "name": "pe",
+ "version_requirement": ">= 3.2.0 < 3.4.0"
+ },
+ {
+ "name": "puppet",
+ "version_requirement": "3.x"
+ }
+ ],
+ "description": "Manage rsyslog client and server via Puppet",
+ "types": [
+
+ ],
+ "dependencies": [
+
+ ]
+}
diff --git a/puppet/modules/rsyslog/spec/classes/rsyslog_client_spec.rb b/puppet/modules/rsyslog/spec/classes/rsyslog_client_spec.rb
new file mode 100644
index 00000000..82865db9
--- /dev/null
+++ b/puppet/modules/rsyslog/spec/classes/rsyslog_client_spec.rb
@@ -0,0 +1,146 @@
+require 'spec_helper'
+
+describe 'rsyslog::client', :type => :class do
+
+ context "Rsyslog version >= 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '8.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-client-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/client.conf')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-client-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/client.conf')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-client-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/client.conf')
+ end
+ end
+ end
+ end
+
+ context "Rsyslog version =< 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '7.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-client-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/client.conf')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-client-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/client.conf')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-client-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/client.conf')
+ end
+ end
+ end
+ end
+
+ context "Rsyslog version = nil" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => nil
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-client-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/client.conf')
+ end
+ end
+ end
+ end
+end
diff --git a/puppet/modules/rsyslog/spec/classes/rsyslog_database_spec.rb b/puppet/modules/rsyslog/spec/classes/rsyslog_database_spec.rb
new file mode 100644
index 00000000..0421135a
--- /dev/null
+++ b/puppet/modules/rsyslog/spec/classes/rsyslog_database_spec.rb
@@ -0,0 +1,308 @@
+require 'spec_helper'
+
+describe 'rsyslog::database', :type => :class do
+
+ context "Rsyslog version >= 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '8.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage mysql (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-database-mysql' }
+
+ let (:params) {
+ {
+ 'backend' => 'mysql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('rsyslog-mysql')
+ should contain_file('/etc/rsyslog.d/mysql.conf')
+ end
+ end
+
+ context "default usage pgsql (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-database-pgsql' }
+
+ let (:params) {
+ {
+ 'backend' => 'pgsql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('rsyslog-pgsql')
+ should contain_file('/etc/rsyslog.d/pgsql.conf')
+ end
+ end
+ end
+
+
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage mysql (osfamily = Debian)" do
+ let(:title) { 'rsyslog-database-mysql' }
+
+ let (:params) {
+ {
+ 'backend' => 'mysql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('rsyslog-mysql')
+ should contain_file('/etc/rsyslog.d/mysql.conf')
+ end
+ end
+
+ context "default usage pgsql (osfamily = Debian)" do
+ let(:title) { 'rsyslog-database-pgsql' }
+
+ let (:params) {
+ {
+ 'backend' => 'pgsql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('rsyslog-pgsql')
+ should contain_file('/etc/rsyslog.d/pgsql.conf')
+ end
+ end
+ end
+
+
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage mysql (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-database-mysql' }
+
+ let (:params) {
+ {
+ 'backend' => 'mysql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('sysutils/rsyslog5-mysql')
+ should contain_file('/etc/syslog.d/mysql.conf')
+ end
+ end
+
+ context "default usage pgsql (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-database-pgsql' }
+
+ let (:params) {
+ {
+ 'backend' => 'pgsql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('sysutils/rsyslog5-pgsql')
+ should contain_file('/etc/syslog.d/pgsql.conf')
+ end
+ end
+ end
+ end
+
+ context "Rsyslog version =< 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '7.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage mysql (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-database-mysql' }
+
+ let (:params) {
+ {
+ 'backend' => 'mysql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('rsyslog-mysql')
+ should contain_file('/etc/rsyslog.d/mysql.conf')
+ end
+ end
+
+ context "default usage pgsql (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-database-pgsql' }
+
+ let (:params) {
+ {
+ 'backend' => 'pgsql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('rsyslog-pgsql')
+ should contain_file('/etc/rsyslog.d/pgsql.conf')
+ end
+ end
+ end
+
+
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage mysql (osfamily = Debian)" do
+ let(:title) { 'rsyslog-database-mysql' }
+
+ let (:params) {
+ {
+ 'backend' => 'mysql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('rsyslog-mysql')
+ should contain_file('/etc/rsyslog.d/mysql.conf')
+ end
+ end
+
+ context "default usage pgsql (osfamily = Debian)" do
+ let(:title) { 'rsyslog-database-pgsql' }
+
+ let (:params) {
+ {
+ 'backend' => 'pgsql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('rsyslog-pgsql')
+ should contain_file('/etc/rsyslog.d/pgsql.conf')
+ end
+ end
+ end
+
+
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage mysql (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-database-mysql' }
+
+ let (:params) {
+ {
+ 'backend' => 'mysql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('sysutils/rsyslog5-mysql')
+ should contain_file('/etc/syslog.d/mysql.conf')
+ end
+ end
+
+ context "default usage pgsql (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-database-pgsql' }
+
+ let (:params) {
+ {
+ 'backend' => 'pgsql',
+ 'server' => 'localhost',
+ 'database' => 'rsyslog',
+ 'username' => 'us3rname',
+ 'password' => 'passw0rd',
+ }
+ }
+
+ it 'should compile' do
+ should contain_package('sysutils/rsyslog5-pgsql')
+ should contain_file('/etc/syslog.d/pgsql.conf')
+ end
+ end
+ end
+ end
+end
diff --git a/puppet/modules/rsyslog/spec/classes/rsyslog_server_spec.rb b/puppet/modules/rsyslog/spec/classes/rsyslog_server_spec.rb
new file mode 100644
index 00000000..8f57656b
--- /dev/null
+++ b/puppet/modules/rsyslog/spec/classes/rsyslog_server_spec.rb
@@ -0,0 +1,182 @@
+require 'spec_helper'
+
+describe 'rsyslog::server', :type => :class do
+
+ context "Rsyslog version >= 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '8.1.2'
+ }
+ end
+
+ ['RedHat', 'Debian'].each do |osfamily|
+ context "osfamily = #{osfamily}" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => osfamily,
+ :operatingsystem => osfamily,
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = #{osfamily})" do
+ let(:title) { 'rsyslog-server-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/auth.log/)
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/messages/)
+ end
+ end
+
+ context "enable_onefile (osfamily = #{osfamily})" do
+ let(:title) { 'rsyslog-server-onefile' }
+ let(:params) { {'enable_onefile' => 'true'} }
+
+ it 'should compile' do
+ should_not contain_file('/etc/rsyslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/auth.log/)
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/messages/)
+ end
+ end
+
+ context "hostname_template (osfamily = #{osfamily})" do
+ let(:title) { 'rsyslog-server-onefile' }
+ let(:params) { {'custom_config' => 'rsyslog/server-hostname.conf.erb'} }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/%hostname%\/auth.log/)
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/%hostname%\/messages/)
+ end
+ end
+
+ end
+ end
+
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-server-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/auth.log/)
+ should contain_file('/etc/syslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/messages/)
+ end
+ end
+
+ context "enable_onefile (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-server-onefile' }
+ let(:params) { {'enable_onefile' => 'true'} }
+
+ it 'should compile' do
+ should_not contain_file('/etc/syslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/auth.log/)
+ should contain_file('/etc/syslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/messages/)
+ end
+ end
+
+ context "hostname_template (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-server-onefile' }
+ let(:params) { {'custom_config' => 'rsyslog/server-hostname.conf.erb'} }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/server.conf').with_content(/%hostname%\/auth.log/)
+ should contain_file('/etc/syslog.d/server.conf').with_content(/%hostname%\/messages/)
+ end
+ end
+
+ end
+ end
+
+ context "Rsyslog version =< 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '7.1.2'
+ }
+ end
+
+ ['RedHat', 'Debian'].each do |osfamily|
+ context "osfamily = #{osfamily}" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => osfamily,
+ :operatingsystem => osfamily,
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = #{osfamily})" do
+ let(:title) { 'rsyslog-server-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/auth.log/)
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/messages/)
+ end
+ end
+
+ context "enable_onefile (osfamily = #{osfamily})" do
+ let(:title) { 'rsyslog-server-onefile' }
+ let(:params) { {'enable_onefile' => 'true'} }
+
+ it 'should compile' do
+ should_not contain_file('/etc/rsyslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/auth.log/)
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/messages/)
+ end
+ end
+
+ context "hostname_template (osfamily = #{osfamily})" do
+ let(:title) { 'rsyslog-server-onefile' }
+ let(:params) { {'custom_config' => 'rsyslog/server-hostname.conf.erb'} }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/%hostname%\/auth.log/)
+ should contain_file('/etc/rsyslog.d/server.conf').with_content(/%hostname%\/messages/)
+ end
+ end
+
+ end
+ end
+
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-server-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/auth.log/)
+ should contain_file('/etc/syslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/messages/)
+ end
+ end
+
+ context "enable_onefile (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-server-onefile' }
+ let(:params) { {'enable_onefile' => 'true'} }
+
+ it 'should compile' do
+ should_not contain_file('/etc/syslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/auth.log/)
+ should contain_file('/etc/syslog.d/server.conf').with_content(/\(\[A-Za-z-\]\*\)--end%\/messages/)
+ end
+ end
+
+ context "hostname_template (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-server-onefile' }
+ let(:params) { {'custom_config' => 'rsyslog/server-hostname.conf.erb'} }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/server.conf').with_content(/%hostname%\/auth.log/)
+ should contain_file('/etc/syslog.d/server.conf').with_content(/%hostname%\/messages/)
+ end
+ end
+
+ end
+ end
+end # describe 'rsyslog::server'
diff --git a/puppet/modules/rsyslog/spec/classes/rsyslog_spec.rb b/puppet/modules/rsyslog/spec/classes/rsyslog_spec.rb
new file mode 100644
index 00000000..344d7174
--- /dev/null
+++ b/puppet/modules/rsyslog/spec/classes/rsyslog_spec.rb
@@ -0,0 +1,469 @@
+require 'spec_helper'
+
+describe 'rsyslog', :type => :class do
+
+ context "Rsyslog version >= 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '8.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_class('rsyslog::install')
+ should contain_class('rsyslog::config')
+ should contain_class('rsyslog::service')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_class('rsyslog::install')
+ should contain_class('rsyslog::config')
+ should contain_class('rsyslog::service')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_class('rsyslog::install')
+ should contain_class('rsyslog::config')
+ should contain_class('rsyslog::service')
+ end
+ end
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.conf')
+ should contain_file('/etc/rsyslog.d/')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.conf')
+ should contain_file('/etc/rsyslog.d/')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.conf')
+ should contain_file('/etc/syslog.d/')
+ end
+ end
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-install-basic' }
+
+ it 'should compile' do
+ should contain_package('rsyslog')
+ should contain_package('rsyslog-relp')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-install-basic' }
+
+ it 'should compile' do
+ should contain_package('rsyslog')
+ should contain_package('rsyslog-relp')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-install-basic' }
+
+ it 'should compile' do
+ should contain_package('sysutils/rsyslog5')
+ should contain_package('sysutils/rsyslog5-relp')
+ end
+ end
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-service-basic' }
+
+ it 'should compile' do
+ should contain_service('rsyslog')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-service-basic' }
+
+ it 'should compile' do
+ should contain_service('rsyslog')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-service-basic' }
+
+ it 'should compile' do
+ should contain_service('syslogd')
+ end
+ end
+ end
+ end
+
+ context "Rsyslog version =< 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '7.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_class('rsyslog::install')
+ should contain_class('rsyslog::config')
+ should contain_class('rsyslog::service')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_class('rsyslog::install')
+ should contain_class('rsyslog::config')
+ should contain_class('rsyslog::service')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = FreeBSD)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_class('rsyslog::install')
+ should contain_class('rsyslog::config')
+ should contain_class('rsyslog::service')
+ end
+ end
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.conf')
+ should contain_file('/etc/rsyslog.d/')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.conf')
+ should contain_file('/etc/rsyslog.d/')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.conf')
+ should contain_file('/etc/syslog.d/')
+ end
+ end
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-install-basic' }
+
+ it 'should compile' do
+ should contain_package('rsyslog')
+ should contain_package('rsyslog-relp')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-install-basic' }
+
+ it 'should compile' do
+ should contain_package('rsyslog')
+ should contain_package('rsyslog-relp')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-install-basic' }
+
+ it 'should compile' do
+ should contain_package('sysutils/rsyslog5')
+ should contain_package('sysutils/rsyslog5-relp')
+ end
+ end
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-service-basic' }
+
+ it 'should compile' do
+ should contain_service('rsyslog')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-service-basic' }
+
+ it 'should compile' do
+ should contain_service('rsyslog')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-service-basic' }
+
+ it 'should compile' do
+ should contain_service('syslogd')
+ end
+ end
+ end
+ end
+
+ context "Rsyslog version >= 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => nil
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ context "default usage (osfamily = RedHat)" do
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.conf')
+ should contain_file('/etc/rsyslog.d/')
+ end
+ end
+ end
+ end
+end
diff --git a/puppet/modules/rsyslog/spec/defines/rsyslog_imfile_spec.rb b/puppet/modules/rsyslog/spec/defines/rsyslog_imfile_spec.rb
new file mode 100644
index 00000000..1c505eb7
--- /dev/null
+++ b/puppet/modules/rsyslog/spec/defines/rsyslog_imfile_spec.rb
@@ -0,0 +1,169 @@
+require 'spec_helper'
+
+describe 'rsyslog::imfile', :type => :define do
+
+ context "Rsyslog version >= 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '8.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ let (:params) {
+ {
+ 'file_name' => 'mylogfile',
+ 'file_tag' => 'mytag',
+ 'file_facility' => 'myfacility',
+ }
+ }
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-imfile-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/rsyslog-imfile-basic.conf')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ let (:params) {
+ {
+ 'file_name' => 'mylogfile',
+ 'file_tag' => 'mytag',
+ 'file_facility' => 'myfacility',
+ }
+ }
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-imfile-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/rsyslog-imfile-basic.conf')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ let (:params) {
+ {
+ 'file_name' => 'mylogfile',
+ 'file_tag' => 'mytag',
+ 'file_facility' => 'myfacility',
+ }
+ }
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-imfile-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/rsyslog-imfile-basic.conf')
+ end
+ end
+ end
+ end
+
+ context "Rsyslog version =< 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '7.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'RedHat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ let (:params) {
+ {
+ 'file_name' => 'mylogfile',
+ 'file_tag' => 'mytag',
+ 'file_facility' => 'myfacility',
+ }
+ }
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-imfile-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/rsyslog-imfile-basic.conf')
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ let (:params) {
+ {
+ 'file_name' => 'mylogfile',
+ 'file_tag' => 'mytag',
+ 'file_facility' => 'myfacility',
+ }
+ }
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-imfile-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/rsyslog-imfile-basic.conf')
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ let (:params) {
+ {
+ 'file_name' => 'mylogfile',
+ 'file_tag' => 'mytag',
+ 'file_facility' => 'myfacility',
+ }
+ }
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-imfile-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/rsyslog-imfile-basic.conf')
+ end
+ end
+ end
+ end
+
+end
diff --git a/puppet/modules/rsyslog/spec/defines/rsyslog_snippet_spec.rb b/puppet/modules/rsyslog/spec/defines/rsyslog_snippet_spec.rb
new file mode 100644
index 00000000..6cc68839
--- /dev/null
+++ b/puppet/modules/rsyslog/spec/defines/rsyslog_snippet_spec.rb
@@ -0,0 +1,157 @@
+require 'spec_helper'
+
+describe 'rsyslog::snippet', :type => :define do
+
+ context "Rsyslog version >= 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '8.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'Redhat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ let (:params) {
+ {
+ 'content' => 'Random Content',
+ }
+ }
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-snippet-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/rsyslog-snippet-basic.conf').with_content("# This file is managed by Puppet, changes may be overwritten\nRandom Content\n")
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ let (:params) {
+ {
+ 'content' => 'Random Content',
+ }
+ }
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-snippet-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/rsyslog-snippet-basic.conf').with_content("# This file is managed by Puppet, changes may be overwritten\nRandom Content\n")
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ let (:params) {
+ {
+ 'content' => 'Random Content',
+ }
+ }
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-snippet-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/rsyslog-snippet-basic.conf').with_content("# This file is managed by Puppet, changes may be overwritten\nRandom Content\n")
+ end
+ end
+ end
+ end
+
+ context "Rsyslog version =< 8" do
+ let(:default_facts) do
+ {
+ :rsyslog_version => '7.1.2'
+ }
+ end
+
+ context "osfamily = RedHat" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'RedHat',
+ :operatingsystem => 'Redhat',
+ :operatingsystemmajrelease => 6,
+ })
+ end
+
+ let (:params) {
+ {
+ 'content' => 'Random Content',
+ }
+ }
+
+ context "default usage (osfamily = RedHat)" do
+ let(:title) { 'rsyslog-snippet-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/rsyslog-snippet-basic.conf').with_content("# This file is managed by Puppet, changes may be overwritten\nRandom Content\n")
+ end
+ end
+ end
+
+ context "osfamily = Debian" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'Debian',
+ })
+ end
+
+ let (:params) {
+ {
+ 'content' => 'Random Content',
+ }
+ }
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-snippet-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/rsyslog.d/rsyslog-snippet-basic.conf').with_content("# This file is managed by Puppet, changes may be overwritten\nRandom Content\n")
+ end
+ end
+ end
+
+ context "osfamily = FreeBSD" do
+ let :facts do
+ default_facts.merge!({
+ :osfamily => 'freebsd',
+ })
+ end
+
+ let (:params) {
+ {
+ 'content' => 'Random Content',
+ }
+ }
+
+ context "default usage (osfamily = Debian)" do
+ let(:title) { 'rsyslog-snippet-basic' }
+
+ it 'should compile' do
+ should contain_file('/etc/syslog.d/rsyslog-snippet-basic.conf').with_content("# This file is managed by Puppet, changes may be overwritten\nRandom Content\n")
+ end
+ end
+ end
+ end
+
+end
diff --git a/puppet/modules/rsyslog/spec/spec.opts b/puppet/modules/rsyslog/spec/spec.opts
new file mode 100644
index 00000000..91cd6427
--- /dev/null
+++ b/puppet/modules/rsyslog/spec/spec.opts
@@ -0,0 +1,6 @@
+--format
+s
+--colour
+--loadby
+mtime
+--backtrace
diff --git a/puppet/modules/rsyslog/spec/spec_helper.rb b/puppet/modules/rsyslog/spec/spec_helper.rb
new file mode 100644
index 00000000..12bb0b7f
--- /dev/null
+++ b/puppet/modules/rsyslog/spec/spec_helper.rb
@@ -0,0 +1,28 @@
+require 'puppetlabs_spec_helper/module_spec_helper'
+
+RSpec.configure do |c|
+ c.mock_with :rspec do |mock|
+ mock.syntax = [:expect, :should]
+ end
+ c.include PuppetlabsSpec::Files
+
+ c.before :each do
+ # Ensure that we don't accidentally cache facts and environment
+ # between test cases.
+ Facter::Util::Loader.any_instance.stubs(:load_all)
+ Facter.clear
+ Facter.clear_messages
+
+ # Store any environment variables away to be restored later
+ @old_env = {}
+ ENV.each_key {|k| @old_env[k] = ENV[k]}
+
+ if Gem::Version.new(`puppet --version`) >= Gem::Version.new('3.5')
+ Puppet.settings[:strict_variables]=true
+ end
+ end
+
+ c.after :each do
+ PuppetlabsSpec::Files.cleanup
+ end
+end
diff --git a/puppet/modules/rsyslog/templates/client.conf.erb b/puppet/modules/rsyslog/templates/client.conf.erb
new file mode 100644
index 00000000..c05ae797
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/client.conf.erb
@@ -0,0 +1,180 @@
+
+# An "In-Memory Queue" is created for remote logging.
+$WorkDirectory <%= scope.lookupvar('rsyslog::spool_dir') -%> # where to place spool files
+$ActionQueueFileName queue # unique name prefix for spool files
+$ActionQueueMaxDiskSpace <%= scope.lookupvar('rsyslog::client::spool_size') -%> # spool space limit (use as much as possible)
+$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
+$ActionQueueType LinkedList # run asynchronously
+$ActionResumeRetryCount -1 # infinety retries if host is down
+<% if scope.lookupvar('rsyslog::client::log_templates') and ! scope.lookupvar('rsyslog::client::log_templates').empty?-%>
+
+# Define custom logging templates
+<% scope.lookupvar('rsyslog::client::log_templates').flatten.compact.each do |log_template| -%>
+$template <%= log_template['name'] %>,"<%= log_template['template'] %>"
+<% end -%>
+<% end -%>
+<% if scope.lookupvar('rsyslog::client::actionfiletemplate') -%>
+
+# Using specified format for default logging format:
+$ActionFileDefaultTemplate <%= scope.lookupvar('rsyslog::client::actionfiletemplate') %>
+<% else -%>
+
+#Using default format for default logging format:
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+<% end -%>
+<% if scope.lookupvar('rsyslog::client::ssl') -%>
+
+# Setup SSL connection.
+# CA/Cert
+$DefaultNetStreamDriverCAFile <%= scope.lookupvar('rsyslog::client::ssl_ca') %>
+
+# Connection settings.
+$DefaultNetstreamDriver gtls
+$ActionSendStreamDriverMode 1
+$ActionSendStreamDriverAuthMode anon
+<% end -%>
+<% if scope.lookupvar('rsyslog::client::remote_servers') -%>
+
+<% scope.lookupvar('rsyslog::client::remote_servers').flatten.compact.each do |server| -%>
+<% if server['pattern'] and server['pattern'] != ''-%>
+<% pattern = server['pattern'] -%>
+<% else -%>
+<% pattern = '*.*' -%>
+<% end -%>
+<% if server['protocol'] == 'TCP' or server['protocol'] == 'tcp'-%>
+<% protocol = '@@' -%>
+<% protocol_type = 'TCP' -%>
+<% else -%>
+<% protocol = '@' -%>
+<% protocol_type = 'UDP' -%>
+<% end -%>
+<% if server['host'] and server['host'] != ''-%>
+<% host = server['host'] -%>
+<% else -%>
+<% host = 'localhost' -%>
+<% end -%>
+<% if server['port'] and server['port'] != ''-%>
+<% port = server['port'] -%>
+<% else -%>
+<% port = '514' -%>
+<% end -%>
+<% if server['format'] -%>
+<% format = ";#{server['format']}" -%>
+<% format_type = server['format'] -%>
+<% else -%>
+<% format = '' -%>
+<% format_type = 'the default' -%>
+<% end -%>
+# Sending logs that match <%= pattern %> to <%= host %> via <%= protocol_type %> on <%= port %> using <%=format_type %> format.
+<%= pattern %> <%= protocol %><%= host %>:<%= port %><%= format %>
+<% end -%>
+<% elsif scope.lookupvar('rsyslog::client::log_remote') -%>
+
+# Log to remote syslog server using <%= scope.lookupvar('rsyslog::client::remote_type') %>
+<% if scope.lookupvar('rsyslog::client::remote_type') == 'tcp' -%>
+*.* @@<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;<%= scope.lookupvar('remote_forward_format') -%>
+<% else -%>
+*.* @<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;<%= scope.lookupvar('remote_forward_format') -%>
+<% end -%>
+<% end -%>
+<% if scope.lookupvar('rsyslog::client::log_auth_local') or scope.lookupvar('rsyslog::client::log_local') -%>
+
+# Logging locally.
+
+<% if scope.lookupvar('rsyslog::log_style') == 'debian' -%>
+# Log auth messages locally
+auth,authpriv.* /var/log/auth.log
+<% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%>
+# Log auth messages locally
+auth,authpriv.* /var/log/secure
+<% end -%>
+<% end -%>
+<% if scope.lookupvar('rsyslog::client::log_local') -%>
+<% if scope.lookupvar('rsyslog::log_style') == 'debian' -%>
+# First some standard log files. Log by facility.
+#
+*.*;auth,authpriv.none -/var/log/syslog
+cron.* /var/log/cron.log
+daemon.* -/var/log/daemon.log
+kern.* -/var/log/kern.log
+#lpr.* -/var/log/lpr.log
+mail.* -/var/log/mail.log
+user.* -/var/log/user.log
+
+#
+# Logging for the mail system. Split it up so that
+# it is easy to write scripts to parse these files.
+#
+mail.info -/var/log/mail.info
+mail.warn -/var/log/mail.warn
+mail.err /var/log/mail.err
+
+#
+# Logging for INN news system.
+#
+news.crit /var/log/news/news.crit
+news.err /var/log/news/news.err
+news.notice -/var/log/news/news.notice
+
+#
+# Some "catch-all" log files.
+#
+*.=debug;\
+ auth,authpriv.none;\
+ news.none;mail.none -/var/log/debug
+*.=info;*.=notice;*.=warn;\
+ auth,authpriv.none;\
+ cron,daemon.none;\
+ mail,news.none -/var/log/messages
+
+#
+# I like to have messages displayed on the console, but only on a virtual
+# console I usually leave idle.
+#
+#daemon,mail.*;\
+# news.=crit;news.=err;news.=notice;\
+# *.=debug;*.=info;\
+# *.=notice;*.=warn /dev/tty8
+
+# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
+# you must invoke `xconsole' with the `-file' option:
+#
+# $ xconsole -file /dev/xconsole [...]
+#
+# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
+# busy site..
+#
+daemon.*;mail.*;\
+ news.err;\
+ *.=debug;*.=info;\
+ *.=notice;*.=warn |/dev/xconsole
+<% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%>
+# Log all kernel messages to the console.
+# Logging much else clutters up the screen.
+#kern.* /dev/console
+
+# Log anything (except mail) of level info or higher.
+# Don't log private authentication messages!
+*.info;mail.none;authpriv.none;cron.none /var/log/messages
+
+# Log all the mail messages in one place.
+mail.* -/var/log/maillog
+
+
+# Log cron stuff
+cron.* /var/log/cron
+
+# Everybody gets emergency messages
+<% if @rsyslog_version and @rsyslog_version.split('.')[0].to_i >= 8 -%>
+*.emerg :omusrmsg:*
+<% else -%>
+*.emerg *
+<% end -%>
+
+# Save news errors of level crit and higher in a special file.
+uucp,news.crit -/var/log/spooler
+
+# Save boot messages also to boot.log
+local7.* -/var/log/boot.log
+<% end -%>
+<% end -%>
diff --git a/puppet/modules/rsyslog/templates/database.conf.erb b/puppet/modules/rsyslog/templates/database.conf.erb
new file mode 100644
index 00000000..3934d6cf
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/database.conf.erb
@@ -0,0 +1,6 @@
+# File is managed by Puppet
+
+## Configuration file for rsyslog-<%= @backend %>
+
+$ModLoad <%= @db_module %>
+*.* :<%= @db_module -%>:<%= @server -%>,<%= @database -%>,<%= @username -%>,<%= @password %>
diff --git a/puppet/modules/rsyslog/templates/imfile.erb b/puppet/modules/rsyslog/templates/imfile.erb
new file mode 100644
index 00000000..4a11c728
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/imfile.erb
@@ -0,0 +1,15 @@
+<% if @extra_modules.empty?() or !@extra_modules.include?('imfile') -%>
+$ModLoad imfile
+<% end -%>
+
+
+$InputFileName <%= @file_name %>
+$InputFileTag <%= @file_tag %>
+$InputFileStateFile state-<%= @name %>
+$InputFileSeverity <%= @file_severity %>
+$InputFileFacility <%= @file_facility %>
+$InputFilePollInterval <%= @polling_interval %>
+$InputFilePersistStateInterval <%= @persist_state_interval %>
+<% if @run_file_monitor == true -%>
+$InputRunFileMonitor
+<% end -%>
diff --git a/puppet/modules/rsyslog/templates/modload.erb b/puppet/modules/rsyslog/templates/modload.erb
new file mode 100644
index 00000000..a14a612a
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/modload.erb
@@ -0,0 +1,3 @@
+<% @extra_modules.each do |mod| -%>
+$ModLoad <%= mod %>
+<% end -%>
diff --git a/puppet/modules/rsyslog/templates/rsyslog.conf.erb b/puppet/modules/rsyslog/templates/rsyslog.conf.erb
new file mode 100644
index 00000000..406aa49c
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/rsyslog.conf.erb
@@ -0,0 +1,49 @@
+# file is managed by puppet
+
+#################
+#### MODULES ####
+#################
+
+<% scope.lookupvar('rsyslog::modules').each do |module_row| -%>
+<%= module_row %>
+<% end -%>
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+#
+# Set max message size for sending and receiving
+#
+$MaxMessageSize <%= scope.lookupvar('rsyslog::max_message_size') %>
+
+#
+# Set the default permissions for all log files.
+#
+<% if scope.lookupvar('rsyslog::preserve_fqdn') -%>
+$PreserveFQDN on
+<% end -%>
+$FileOwner <%= scope.lookupvar('rsyslog::log_user') %>
+$FileGroup <%= scope.lookupvar('rsyslog::log_group') %>
+$FileCreateMode <%= scope.lookupvar('rsyslog::perm_file') %>
+$DirOwner <%= scope.lookupvar('rsyslog::log_user') %>
+$DirGroup <%= scope.lookupvar('rsyslog::log_group') %>
+$DirCreateMode <%= scope.lookupvar('rsyslog::perm_dir') %>
+$PrivDropToUser <%= scope.lookupvar('rsyslog::run_user') %>
+$PrivDropToGroup <%= scope.lookupvar('rsyslog::run_group') %>
+<% if scope.lookupvar('rsyslog::umask') -%>
+$Umask <%= scope.lookupvar('rsyslog::umask') %>
+<% end -%>
+
+#
+# Include all config files in <%= scope.lookupvar('rsyslog::rsyslog_d') %>
+#
+$IncludeConfig <%= scope.lookupvar('rsyslog::rsyslog_d') -%>*.conf
+
+#
+# Emergencies are sent to everybody logged in.
+#
+<% if @rsyslog_version and @rsyslog_version.split('.')[0].to_i >= 8 -%>
+*.emerg :omusrmsg:*
+<% else -%>
+*.emerg *
+<% end -%>
diff --git a/puppet/modules/rsyslog/templates/rsyslog_default.erb b/puppet/modules/rsyslog/templates/rsyslog_default.erb
new file mode 100644
index 00000000..a49eb59e
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/rsyslog_default.erb
@@ -0,0 +1,9 @@
+# File is managed by puppet
+
+<% if @rsyslog_version and @rsyslog_version.split('.')[0].to_i < 7 -%>
+# Debian, Ubuntu
+RSYSLOGD_OPTIONS="-c4"
+<% end -%>
+
+# CentOS, RedHat, Fedora
+SYSLOGD_OPTIONS="${RSYSLOGD_OPTIONS}"
diff --git a/puppet/modules/rsyslog/templates/rsyslog_default_gentoo.erb b/puppet/modules/rsyslog/templates/rsyslog_default_gentoo.erb
new file mode 100644
index 00000000..f5de7b58
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/rsyslog_default_gentoo.erb
@@ -0,0 +1,16 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/files/7-stable/rsyslog.confd,v 1.1 2012/11/20 13:03:36 ultrabug Exp $
+
+# Configuration file
+CONFIGFILE="/etc/rsyslog.conf"
+
+# PID file
+PIDFILE="/var/run/rsyslogd.pid"
+
+# Options to rsyslogd
+# See rsyslogd(8) for more details
+# Notes:
+# * Do not specify another PIDFILE but use the variable above to change the location
+# * Do not specify another CONFIGFILE but use the variable above to change the location
+RSYSLOG_OPTS=""
diff --git a/puppet/modules/rsyslog/templates/rsyslog_default_rhel7.erb b/puppet/modules/rsyslog/templates/rsyslog_default_rhel7.erb
new file mode 100644
index 00000000..c3b95c7f
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/rsyslog_default_rhel7.erb
@@ -0,0 +1,2 @@
+# File is managed by puppet
+SYSLOGD_OPTIONS=""
diff --git a/puppet/modules/rsyslog/templates/server-default.conf.erb b/puppet/modules/rsyslog/templates/server-default.conf.erb
new file mode 100644
index 00000000..0c7f67fe
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/server-default.conf.erb
@@ -0,0 +1,42 @@
+# File is managed by puppet
+
+<% # Common header across all templates -%>
+<%= scope.function_template(['rsyslog/server/_default-header.conf.erb']) %>
+
+# Log files are stored in directories matching the short hostname, excluding numbers
+# i.e. web01 web02 and web03 will all log to a the web directory
+<% if scope.lookupvar('rsyslog::server::enable_onefile') == false -%>
+
+# Templates
+$Template dynAuthLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>auth.log"
+$Template dynSyslog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>syslog"
+$Template dynCronLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>cron.log"
+$Template dynDaemonLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>daemon.log"
+$Template dynKernLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>kern.log"
+$Template dynUserLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>user.log"
+$Template dynMailLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>mail.log"
+$Template dynDebug,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>debug"
+$Template dynMessages,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>messages"
+
+# Rules
+auth,authpriv.* ?dynAuthLog
+*.*;auth,authpriv.none,mail.none,cron.none -?dynSyslog
+cron.* ?dynCronLog
+daemon.* -?dynDaemonLog
+kern.* -?dynKernLog
+mail.* -?dynMailLog
+user.* -?dynUserLog
+*.=info;*.=notice;*.=warn;\
+ auth.none,authpriv.none;\
+ cron.none,daemon.none;\
+ mail.none,news.none -?dynMessages
+<% else -%>
+# Template
+$Template dynAllMessages,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%<%= scope.lookupvar('rsyslog::server::logpath') -%>messages"
+
+# Rules
+*.* -?dynAllMessages
+<% end -%>
+
+<% # Common footer across all templates -%>
+<%= scope.function_template(['rsyslog/server/_default-footer.conf.erb']) %>
diff --git a/puppet/modules/rsyslog/templates/server-hostname.conf.erb b/puppet/modules/rsyslog/templates/server-hostname.conf.erb
new file mode 100644
index 00000000..67158d95
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/server-hostname.conf.erb
@@ -0,0 +1,41 @@
+# File is managed by puppet
+
+<% # Common header across all templates -%>
+<%= scope.function_template(['rsyslog/server/_default-header.conf.erb']) %>
+
+# Log files are stored in directories matching the hostname
+<% if scope.lookupvar('rsyslog::server::enable_onefile') == false -%>
+
+# Templates
+$Template dynAuthLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>auth.log"
+$Template dynSyslog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>syslog"
+$Template dynCronLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>cron.log"
+$Template dynDaemonLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>daemon.log"
+$Template dynKernLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>kern.log"
+$Template dynUserLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>user.log"
+$Template dynMailLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>mail.log"
+$Template dynDebug,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>debug"
+$Template dynMessages,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>messages"
+
+# Rules
+auth,authpriv.* ?dynAuthLog
+*.*;auth,authpriv.none,mail.none,cron.none -?dynSyslog
+cron.* ?dynCronLog
+daemon.* -?dynDaemonLog
+kern.* -?dynKernLog
+mail.* -?dynMailLog
+user.* -?dynUserLog
+*.=info;*.=notice;*.=warn;\
+ auth.none,authpriv.none;\
+ cron.none,daemon.none;\
+ mail.none,news.none -?dynMessages
+<% else -%>
+# Template
+$Template dynAllMessages,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%hostname%<%= scope.lookupvar('rsyslog::server::logpath') -%>messages"
+
+# Rules
+*.* -?dynAllMessages
+<% end -%>
+
+<% # Common footer across all templates -%>
+<%= scope.function_template(['rsyslog/server/_default-footer.conf.erb']) %>
diff --git a/puppet/modules/rsyslog/templates/server/_default-footer.conf.erb b/puppet/modules/rsyslog/templates/server/_default-footer.conf.erb
new file mode 100644
index 00000000..d8bd00ad
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/server/_default-footer.conf.erb
@@ -0,0 +1,13 @@
+
+# Switch back to default ruleset
+$RuleSet RSYSLOG_DefaultRuleset
+
+<% if scope.lookupvar('rsyslog::server::enable_udp') -%>
+$InputUDPServerBindRuleset remote
+$UDPServerRun <%= scope.lookupvar('rsyslog::server::port') %>
+<% end -%>
+
+<% if scope.lookupvar('rsyslog::server::enable_tcp') -%>
+$InputTCPServerBindRuleset remote
+$InputTCPServerRun <%= scope.lookupvar('rsyslog::server::port') %>
+<% end -%>
diff --git a/puppet/modules/rsyslog/templates/server/_default-header.conf.erb b/puppet/modules/rsyslog/templates/server/_default-header.conf.erb
new file mode 100644
index 00000000..4bffa858
--- /dev/null
+++ b/puppet/modules/rsyslog/templates/server/_default-header.conf.erb
@@ -0,0 +1,36 @@
+<% if scope.lookupvar('rsyslog::server::enable_udp') -%>
+# Load UDP module
+$ModLoad imudp
+<% end -%>
+
+<% if scope.lookupvar('rsyslog::server::enable_tcp') -%>
+# Load TCP module
+$ModLoad imtcp
+<% end -%>
+
+#
+<% if scope.lookupvar('rsyslog::server::high_precision_timestamps') == false -%>
+# Use traditional timestamp format.
+#
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+<% else -%>
+# Use high precision timestamp format.
+#
+$ActionFileDefaultTemplate RSYSLOG_FileFormat
+<% end -%>
+
+<% if scope.lookupvar('rsyslog::server::ssl') -%>
+# Server side SSL.
+$DefaultNetstreamDriver gtls
+
+# Cert files.
+$DefaultNetstreamDriverCAFile <%= scope.lookupvar('rsyslog::server::ssl_ca') %>
+$DefaultNetstreamDriverCertFile <%= scope.lookupvar('rsyslog::server::ssl_cert') %>
+$DefaultNetstreamDriverKeyFile <%= scope.lookupvar('rsyslog::server::ssl_key') %>
+
+$InputTCPServerStreamDriverMode 1
+$InputTCPServerStreamDriverAuthMode anon
+<% end -%>
+
+# Switch to remote ruleset
+$RuleSet remote
diff --git a/puppet/modules/rsyslog/tests/database.pp b/puppet/modules/rsyslog/tests/database.pp
new file mode 100644
index 00000000..269be696
--- /dev/null
+++ b/puppet/modules/rsyslog/tests/database.pp
@@ -0,0 +1,9 @@
+include rsyslog
+
+class { 'rsyslog::database':
+ backend => 'mysql',
+ server => 'localhost',
+ database => 'Syslog',
+ username => 'rsyslog',
+ password => 'secret',
+}
diff --git a/puppet/modules/rsyslog/tests/init.pp b/puppet/modules/rsyslog/tests/init.pp
new file mode 100644
index 00000000..7fc50c8b
--- /dev/null
+++ b/puppet/modules/rsyslog/tests/init.pp
@@ -0,0 +1 @@
+include rsyslog
diff --git a/puppet/modules/rsyslog/tests/log_templates.pp b/puppet/modules/rsyslog/tests/log_templates.pp
new file mode 100644
index 00000000..a6bf75b7
--- /dev/null
+++ b/puppet/modules/rsyslog/tests/log_templates.pp
@@ -0,0 +1,9 @@
+class { 'rsyslog::client':
+ log_templates => [
+ {
+ name => 'RFC3164fmt',
+ template => '<%PRI%>%TIMESTAMP% %HOSTNAME% %syslogtag%%msg%',
+ },
+ ],
+ actionfiletemplate => 'RFC3164fmt',
+}
diff --git a/puppet/modules/rsyslog/tests/multiple_hosts.pp b/puppet/modules/rsyslog/tests/multiple_hosts.pp
new file mode 100644
index 00000000..9e5a60ed
--- /dev/null
+++ b/puppet/modules/rsyslog/tests/multiple_hosts.pp
@@ -0,0 +1,17 @@
+class { 'rsyslog::client':
+ remote_servers => [
+ {
+ host => 'logs.example.org',
+ },
+ {
+ port => '55514',
+ },
+ {
+ host => 'logs.somewhere.com',
+ port => '555',
+ pattern => '*.log',
+ protocol => 'tcp',
+ format => 'RFC3164fmt',
+ },
+ ]
+}