Fun with puppet and rsyslog
Today I switched from syslog-ng to rsyslog, I am also working with puppet nowadays, I wrote a module for puppet that provides my syslog clients with their certificates (I use TLS to secure the transport)
Below is the module I wrote for puppet, the script I wrote to generate certificates for the client machine store the certificates into the files area of the module.
class rsyslog-client {
package { "rsyslog":
ensure => present,
}
package { "rsyslog-gnutls":
ensure => present,
}
service { "rsyslog":
ensure => running,
}
host { "loghost":
ensure => present,
name => "loghost",
ip => "$loghost",
}
file { "/etc/rsyslog":
ensure => directory,
}
file { "/etc/rsyslog/$fqdn.key.pem":
owner => root,
group => root,
source => "puppet:///rsyslog-client/$fqdn.key.pem",
ensure => file,
notify => service["rsyslog"],
}
file { "/etc/rsyslog/$fqdn.pem":
owner => root,
group => root,
source => "puppet:///rsyslog-client/$fqdn.pem",
ensure => file,
notify => service["rsyslog"],
}
file { "/etc/rsyslog/ca.pem":
owner => root,
group => root,
source => "puppet:///rsyslog-client/ca.pem",
ensure => file,
notify => service["rsyslog"],
}
file { "/etc/rsyslog.conf":
owner => root,
group => root,
content => template("rsyslog-client/rsyslog.conf.erb"),
ensure => file,
require => package["rsyslog"],
notify => service["rsyslog"]
}
}
I’ll post my rsyslog.conf of the central loghost when I have written a decent one.
Related posts:
- A central loghost As promised in my previous post, my configuration for a...
- Puppet I’m tinkering around with puppet lately. For those who don’t...
- Setting up jabberd2 Today I’ve setup a jabber daemon, more specific jabberd2 following...
- Using syslog-ng as a central loghost Today I woke up and found out that syslog-ng 3.0...
Related posts brought to you by Yet Another Related Posts Plugin.
No comments
Jump to comment form | comments rss [?] | trackback uri [?]