diff --git a/group_vars/all.yaml b/group_vars/all.yaml index 3ebfac3..8edc8a0 100644 --- a/group_vars/all.yaml +++ b/group_vars/all.yaml @@ -3,3 +3,6 @@ checks: nsca_server: 192.168.122.107 nsca_password: HISTORY_PURGED_SECRET RSYSLOG_SERVER: internal.monitoring.atlantishq.de + +# overwritten in monitoring master group var +monitoring_master: false diff --git a/group_vars/monitoring.yaml b/group_vars/monitoring.yaml new file mode 100644 index 0000000..a36d398 --- /dev/null +++ b/group_vars/monitoring.yaml @@ -0,0 +1 @@ +monitoring_master: true diff --git a/playbook.yaml b/playbook.yaml index dfd0c28..3a7f5b5 100644 --- a/playbook.yaml +++ b/playbook.yaml @@ -1,12 +1,10 @@ --- - hosts: all roles: - - monitoring-client - - monitoring-logs - - sshd-config - - rsyslog-client + - { role : monitoring-client, tags : [ "monitoring", "monitoring-client", "client"] } + - { role : sshd-config, tags : [ "sshd" ] } + - { role : rsyslog, tags : [ "rsyslog" ] } - hosts: monitoring roles: - monitoring-master - - rsyslog-server diff --git a/roles/rsyslog-client/tasks/main.yaml b/roles/rsyslog-client/tasks/main.yaml deleted file mode 100644 index 73c1e4f..0000000 --- a/roles/rsyslog-client/tasks/main.yaml +++ /dev/null @@ -1,19 +0,0 @@ -- name: Install Dependecies - apt: - pkg: - - rsyslog - state: present - -- name: Rsyslog Main config - template: - src: rsyslog.conf.j2 - dest: /etc/rsyslog.conf - mode: 0755 - notify: - - restart rsyslog - -- name: Enable and start rsyslog - systemd: - name: rsyslog.service - state: started - enabled: yes diff --git a/roles/rsyslog-client/templates/rsyslog.conf.j2 b/roles/rsyslog-client/templates/rsyslog.conf.j2 deleted file mode 100644 index 6b94773..0000000 --- a/roles/rsyslog-client/templates/rsyslog.conf.j2 +++ /dev/null @@ -1,94 +0,0 @@ -# /etc/rsyslog.conf configuration file for rsyslog -# -# For more information install rsyslog-doc and see -# /usr/share/doc/rsyslog-doc/html/configuration/index.html - - -################# -#### MODULES #### -################# - -module(load="imuxsock") # provides support for local system logging -module(load="imklog") # provides kernel logging support -#module(load="immark") # provides --MARK-- message capability - -# provides UDP syslog reception -#module(load="imudp") -#input(type="imudp" port="514") - -# provides TCP syslog reception -#module(load="imtcp") -#input(type="imtcp" port="514") - - -########################### -#### GLOBAL DIRECTIVES #### -########################### - -# -# Use traditional timestamp format. -# To enable high precision timestamps, comment out the following line. -# -$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat - -# -# Set the default permissions for all log files. -# -$FileOwner root -$FileGroup adm -$FileCreateMode 0640 -$DirCreateMode 0755 -$Umask 0022 - -# -# Where to place spool and state files -# -$WorkDirectory /var/spool/rsyslog - -# -# Include all config files in /etc/rsyslog.d/ -# -$IncludeConfig /etc/rsyslog.d/*.conf - - -############### -#### RULES #### -############### - -# -# First some standard log files. Log by facility. -# -auth,authpriv.* /var/log/auth.log -*.*;auth,authpriv.none -/var/log/syslog -#cron.* /var/log/cron.log -daemon.* -/var/log/daemon.log -kern.* -/var/log/kern.log -lpr.* -/var/log/lpr.log -mail.* -/var/log/mail.log -user.* -/var/log/user.log - -# -# Logging for the mail system. Split it up so that -# it is easy to write scripts to parse these files. -# -mail.info -/var/log/mail.info -mail.warn -/var/log/mail.warn -mail.err /var/log/mail.err - -# -# Some "catch-all" log files. -# -*.=debug;\ - auth,authpriv.none;\ - mail.none -/var/log/debug -*.=info;*.=notice;*.=warn;\ - auth,authpriv.none;\ - cron,daemon.none;\ - mail.none -/var/log/messages - -# -# Emergencies are sent to everybody logged in. -# -#*.emerg :omusrmsg:* - -*. * @@{{ RSYSLOG_SERVER }}:514 diff --git a/roles/rsyslog-server/meta/main.yml b/roles/rsyslog-server/meta/main.yml deleted file mode 100644 index c808c92..0000000 --- a/roles/rsyslog-server/meta/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -dependencies: - - global-handlers diff --git a/roles/rsyslog-client/meta/main.yml b/roles/rsyslog/meta/main.yml similarity index 100% rename from roles/rsyslog-client/meta/main.yml rename to roles/rsyslog/meta/main.yml diff --git a/roles/rsyslog-server/tasks/main.yaml b/roles/rsyslog/tasks/main.yaml similarity index 70% rename from roles/rsyslog-server/tasks/main.yaml rename to roles/rsyslog/tasks/main.yaml index e92953f..5b2aaeb 100644 --- a/roles/rsyslog-server/tasks/main.yaml +++ b/roles/rsyslog/tasks/main.yaml @@ -5,6 +5,13 @@ - rsyslog-pgsql state: present +- name: Install rsyslog psql on master + apt: + pkg: + - rsyslog-pgsql + state: present + when: monitoring_master + - name: Rsyslog Main config template: src: rsyslog.conf.j2 @@ -15,8 +22,8 @@ - name: Rsyslog Database config template: - src: psql.conf.j2 - dest: /etc/rsyslog.d/psql.conf + src: pgsql.conf.j2 + dest: /etc/rsyslog.d/pgsql.conf mode: 0755 notify: - restart rsyslog diff --git a/roles/rsyslog-server/templates/pgsql.conf b/roles/rsyslog/templates/pgsql.conf.j2 similarity index 100% rename from roles/rsyslog-server/templates/pgsql.conf rename to roles/rsyslog/templates/pgsql.conf.j2 diff --git a/roles/rsyslog-server/templates/rsyslog.conf.j2 b/roles/rsyslog/templates/rsyslog.conf.j2 similarity index 93% rename from roles/rsyslog-server/templates/rsyslog.conf.j2 rename to roles/rsyslog/templates/rsyslog.conf.j2 index f261a99..09fe0e0 100644 --- a/roles/rsyslog-server/templates/rsyslog.conf.j2 +++ b/roles/rsyslog/templates/rsyslog.conf.j2 @@ -16,9 +16,10 @@ module(load="imklog") # provides kernel logging support #module(load="imudp") #input(type="imudp" port="514") -# provides TCP syslog reception +{% if monitoring_master %} module(load="imtcp") input(type="imtcp" port="514") +{% endif %} ########################### @@ -86,11 +87,10 @@ mail.err /var/log/mail.err cron,daemon.none;\ mail.none -/var/log/messages +{% if not monitoring_master %} $CreateDirs on $template RemoteLogs,"/var/log/rsyslog/%HOSTNAME%/%PROGRAMNAME%.log" *.* ?RemoteLogs - -# -# Emergencies are sent to everybody logged in. -# -#*.emerg :omusrmsg:* +{% else %} +*. * @@{{ RSYSLOG_SERVER }}:514 +{% endif %}