Ajout du syslog un peu partout
This commit is contained in:
VC
@@ -78,3 +78,6 @@ voice1.dmz.mateu.be
|
||||
|
||||
[icecastservers]
|
||||
voice3.dmz.mateu.be
|
||||
|
||||
[rsyslogservers]
|
||||
syslog.dmz.mateu.be
|
||||
|
||||
@@ -8,12 +8,6 @@
|
||||
args:
|
||||
creates: /etc/nginx/dhparam.pem
|
||||
|
||||
- name: service nginx
|
||||
service:
|
||||
name: nginx
|
||||
enabled: True
|
||||
state: started
|
||||
|
||||
- name: put configuration files
|
||||
template:
|
||||
src: "{{ item.src }}"
|
||||
|
||||
@@ -5,4 +5,6 @@
|
||||
ssl_certificate_key /etc/x509/{{ item }}/{{ item }}.key;
|
||||
server_name {{ item }};
|
||||
access_log /var/log/nginx/{{ item }}.access.log combined_port;
|
||||
access_log syslog:server=unix:/dev/log combined_port;
|
||||
error_log /var/log/nginx/{{ item }}.error.log;
|
||||
error_log syslog:server=unix:/dev/log;
|
||||
|
||||
@@ -39,7 +39,9 @@ http {
|
||||
'"$request" $status $body_bytes_sent '
|
||||
'"$http_referer" "$http_user_agent"';
|
||||
access_log /var/log/nginx/access.log combined_port;
|
||||
access_log syslog:server=unix:/dev/log combined_port;
|
||||
error_log /var/log/nginx/error.log;
|
||||
error_log syslog:server=unix:/dev/log;
|
||||
|
||||
##
|
||||
# Gzip Settings
|
||||
|
||||
@@ -5,7 +5,9 @@ server {
|
||||
ssl_certificate_key /etc/x509/mm.pipoworld.fr/mm.pipoworld.fr.key;
|
||||
server_name mm.pipoworld.fr mm.nintendojo.fr;
|
||||
access_log /var/log/nginx/mm.pipoworld.fr.access.log combined_port;
|
||||
access_log syslog:server=unix:/dev/log combined_port;
|
||||
error_log /var/log/nginx/mm.pipoworld.fr.error.log;
|
||||
error_log syslog:server=unix:/dev/log;
|
||||
|
||||
location = / {
|
||||
rewrite ^ /cgi-bin/mailman/listinfo permanent;
|
||||
|
||||
@@ -4,7 +4,9 @@ server {
|
||||
|
||||
server_name r.mateu.be perso.nintendojo.fr perso.libertus.eu;
|
||||
access_log /var/log/nginx/r.mateu.be.access.log combined_port;
|
||||
access_log syslog:server=unix:/dev/log combined_port;
|
||||
error_log /var/log/nginx/r.mateu.be.error.log;
|
||||
error_log syslog:server=unix:/dev/log;
|
||||
ssl_certificate /etc/x509/r.mateu.be/fullchain.cer;
|
||||
ssl_certificate_key /etc/x509/r.mateu.be/r.mateu.be.key;
|
||||
|
||||
|
||||
@@ -5,7 +5,9 @@ server {
|
||||
ssl_certificate_key /etc/x509/intendo.fr/intendo.fr.key;
|
||||
server_name intendo.fr www.intendo.fr;
|
||||
access_log /var/log/intendo.fr.access.log combined_port;
|
||||
access_log syslog:server=unix:/dev/log combined_port;
|
||||
error_log /var/log/intendo.fr.error.log;
|
||||
error_log syslog:server=unix:/dev/log;
|
||||
|
||||
location / {
|
||||
return 302 https://www.nintendojo.fr$request_uri;
|
||||
|
||||
@@ -4,7 +4,9 @@ server {
|
||||
listen [::]:443 ssl http2;
|
||||
server_name nintendojo.fr www.nintendojo.fr;
|
||||
access_log /var/log/nginx/nintendojo.fr.access.log combined_port;
|
||||
access_log syslog:server=unix:/dev/log combined_port;
|
||||
error_log /var/log/nginx/nintendojo.fr.error.log;
|
||||
error_log syslog:server=unix:/dev/log;
|
||||
ssl_certificate /etc/x509/www.nintendojo.fr/fullchain.cer;
|
||||
ssl_certificate_key /etc/x509/www.nintendojo.fr/www.nintendojo.fr.key;
|
||||
|
||||
|
||||
@@ -4,7 +4,9 @@ server {
|
||||
|
||||
server_name z.libertus.eu autodiscover.libertus.eu;
|
||||
access_log /var/log/nginx/z.libertus.eu.access.log combined_port;
|
||||
access_log syslog:server=unix:/dev/log combined_port;
|
||||
error_log /var/log/nginx/z.libertus.eu.error.log;
|
||||
error_log syslog:server=unix:/dev/log;
|
||||
|
||||
ssl_certificate /etc/x509/z.libertus.eu/fullchain.cer;
|
||||
ssl_certificate_key /etc/x509/z.libertus.eu/z.libertus.eu.key;
|
||||
|
||||
1
roles/rsyslog/files/remote.conf
Normal file
1
roles/rsyslog/files/remote.conf
Normal file
@@ -0,0 +1 @@
|
||||
*.* @syslog.dmz.mateu.be
|
||||
11
roles/rsyslog/files/sys.conf
Normal file
11
roles/rsyslog/files/sys.conf
Normal file
@@ -0,0 +1,11 @@
|
||||
template(name="RemoteHost" type="string" string="/srv/log/%HOSTNAME%/%$YEAR%-%$MONTH%-%$DAY%.log")
|
||||
|
||||
## Loads UDP
|
||||
module(load="imudp" port="514")
|
||||
|
||||
ruleset(name="remote") {
|
||||
action(type="omfile" DynaFile="RemoteHost")
|
||||
}
|
||||
|
||||
input(type="imudp" port="514" ruleset="remote")
|
||||
|
||||
4
roles/rsyslog/handlers/main.yml
Normal file
4
roles/rsyslog/handlers/main.yml
Normal file
@@ -0,0 +1,4 @@
|
||||
- name: restart rsyslog
|
||||
service:
|
||||
name: rsyslog
|
||||
state: restarted
|
||||
17
roles/rsyslog/tasks/main.yml
Normal file
17
roles/rsyslog/tasks/main.yml
Normal file
@@ -0,0 +1,17 @@
|
||||
- name: install rsyslog
|
||||
package:
|
||||
name: rsyslog
|
||||
state: present
|
||||
|
||||
- name: put log concentration file
|
||||
copy:
|
||||
src: files/sys.conf
|
||||
dest: /etc/rsyslog.d/sys.conf
|
||||
notify: restart rsyslog
|
||||
when: "'rsyslogservers' in group_names"
|
||||
|
||||
- name: put rsyslog config file
|
||||
copy:
|
||||
src: files/remote.conf
|
||||
dest: /etc/rsyslog.d/remote.conf
|
||||
notify: restart rsyslog
|
||||
1
site.yml
1
site.yml
@@ -3,6 +3,7 @@
|
||||
- import_playbook: smtprelay.yml
|
||||
- import_playbook: borgbackup.yml
|
||||
- import_playbook: nut.yml
|
||||
- import_playbook: syslog.yml
|
||||
- import_playbook: firewall.yml
|
||||
- import_playbook: mail.yml
|
||||
- import_playbook: xmpp.yml
|
||||
|
||||
3
syslog.yml
Normal file
3
syslog.yml
Normal file
@@ -0,0 +1,3 @@
|
||||
- hosts: all:!baybay-ponay.mateu.be:!machinbox.mateu.be
|
||||
roles:
|
||||
- rsyslog
|
||||
Reference in New Issue
Block a user