From dbf5ec1ae328d1619ea63faefe2215863b099d15 Mon Sep 17 00:00:00 2001 From: Freezed <2160318-free_zed@users.noreply.gitlab.com> Date: Sun, 13 Mar 2022 22:52:03 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20Add=20OVH/LDP=20configuration?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - TODO: integration to [system_cfg](https://lab.frogg.it/fcode/ansible/debian/-/tree/stable/tasks/system_cfg) - Product details: [OVH Log data platform](https://docs.ovh.com/fr/logs-data-platform/) - Tutorial followed:Â [How to log your Linux with syslog-ng 3.8+](https://docs.ovh.com/fr/logs-data-platform/how-to-log-your-linux/) --- Makefile | 1 + inventory.sample | 4 ++++ tasks/ldp.yml | 28 ++++++++++++++++++++++++++++ tasks/templates/ldp.conf.j2 | 32 ++++++++++++++++++++++++++++++++ 4 files changed, 65 insertions(+) create mode 100644 tasks/ldp.yml create mode 100644 tasks/templates/ldp.conf.j2 diff --git a/Makefile b/Makefile index 7413eaf..2a7c838 100644 --- a/Makefile +++ b/Makefile @@ -9,6 +9,7 @@ open_all: ${EDITOR} .gitignore inv* Makefile README.md ${EDITOR} tasks/*.yml ${EDITOR} tasks/files/sshd_config + ${EDITOR} tasks/templates/*.j2 ${EDITOR} tasks/system_cfg/*.yml ${EDITOR} tasks/system_cfg/templates/*.j2 ${EDITOR} tasks/user_cfg/*.yml diff --git a/inventory.sample b/inventory.sample index 1190cb6..2828b70 100644 --- a/inventory.sample +++ b/inventory.sample @@ -20,3 +20,7 @@ timezone="UTC" [workstation:vars] timezone="Europe/Paris" + +[all:vars] +ldp_token="put-yours-here" +ldp_zone="put-yours-here" diff --git a/tasks/ldp.yml b/tasks/ldp.yml new file mode 100644 index 0000000..c8e06b8 --- /dev/null +++ b/tasks/ldp.yml @@ -0,0 +1,28 @@ +--- +- hosts: "{{ host_list }}" + remote_user: root + + tasks: + - name: LDP | install packages + ansible.builtin.apt: + cache_valid_time: 3600 + force_apt_get: yes + pkg: + - syslog-ng + - ca-certificates + state: present + update_cache: true + + - name: LDP | syslog-ng config + ansible.builtin.template: + src: templates/ldp.conf.j2 + dest: "/etc/syslog-ng/conf.d/ldp.conf" + mode: 0640 + owner: root + group: root + + - name: LDP | restart syslog-ng deamon + ansible.builtin.systemd: + state: restarted + daemon_reload: yes + name: syslog-ng diff --git a/tasks/templates/ldp.conf.j2 b/tasks/templates/ldp.conf.j2 new file mode 100644 index 0000000..6119353 --- /dev/null +++ b/tasks/templates/ldp.conf.j2 @@ -0,0 +1,32 @@ +template ovhTemplate { + # Source: https://docs.ovh.com/fr/logs-data-platform/how-to-log-your-linux/ + + template("<${LEVEL_NUM}>1 ${ISODATE} ${HOST} ${PROGRAM} ${PID} - [sdid@32473 X-OVH-TOKEN=\"{{ ldp_token }}\" pid=\"${PID}\" facility=\"${FACILITY}\" priority=\"${PRIORITY}\"] ${MSG}\n"); + template_escape(no); +}; + +destination ovhPaaSLogs { + network("{{ ldp_zone }}.logs.ovh.com" + port(6514), + template(ovhTemplate), + ts_format("iso"), + transport("tls"), + tls(peer-verify("required-trusted") ca_dir("/etc/ssl/certs/")), + keep-alive(yes), + so_keepalive(yes), + ); +}; + +destination localfile { + file("/var/log/temporaryfiletochecklogs.log"); +}; + +log { + source(s_src); + destination(ovhPaaSLogs); +}; + +log { + source(s_src); + destination(localfile); +}; -- GitLab