X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=templates%2Fsyslog-ng.conf.erb;h=8ea828d69b89da9ee743031baa20b7e3560ae067;hb=5225ae8b10af48b44141003688115c10d5f969a1;hp=77cfabba05f9cdc817e77aeeff3fc36258b87b81;hpb=caf7ac543d4a51ec23cc8d1e945d176948089ab2;p=mirror%2Fdsa-puppet.git diff --git a/templates/syslog-ng.conf.erb b/templates/syslog-ng.conf.erb index 77cfabba0..8ea828d69 100644 --- a/templates/syslog-ng.conf.erb +++ b/templates/syslog-ng.conf.erb @@ -1,4 +1,4 @@ -<%- if syslogversion == "3" -%> +<%- if has_variable?("syslogversion") and syslogversion.to_s == "3" -%> @version: 3.0 <%- end -%> ## @@ -82,7 +82,7 @@ options { # is not a real hostname. bad_hostname("^gconfd$"); -<%- if hostname == "heininen" -%> +<%- if (hostname == "heininen") || (hostname == "lotti") -%> # we trust our mutual authenticated syslog clients keep_hostname(yes); <%- end -%> @@ -102,7 +102,7 @@ source s_local { # function to send logs to) unix-stream("/dev/log"); # messages from the kernel -<%- if syslogversion == "2" -%> +<%- if has_variable?("syslogversion") and syslogversion.to_s == "2" -%> file("/proc/kmsg" log_prefix("kernel: ")); <%- else -%> file("/proc/kmsg" program_override("kernel: ")); @@ -112,7 +112,7 @@ source s_local { # function to send logs to) unix-dgram("/var/run/log"); # messages from the kernel -<%- if syslogversion == "2" -%> +<%- if has_variable?("syslogversion") and syslogversion.to_s == "2" -%> file("/dev/klog" log_prefix("kernel: ")); <%- else -%> file("/dev/klog" program_override("kernel: ")); @@ -125,7 +125,7 @@ source s_local { <%- end -%> }; -<%- if hostname == "heininen" -%> +<%- if (hostname == "heininen") || (hostname == "lotti") -%> source s_network { tcp6(port(5140) max-connections(200) tls( key_file("/etc/exim4/ssl/thishost.key") @@ -403,8 +403,8 @@ log { <%- end -%> -<%- if hostname != "heininen" -%> - <%- if syslogversion == "3" -%> +<%- if has_variable?("syslogversion") and syslogversion.to_s == "3" -%> + <%- if hostname != "heininen" -%> destination loghost-heininen { tcp("heininen.debian.org" port (5140) tls( key_file("/etc/ssl/debian/keys/thishost.key") @@ -413,18 +413,32 @@ destination loghost-heininen { ) ); }; - + <%- end -%> + <%- if hostname != "lotti" -%> +destination loghost-lotti { + tcp("lotti.debian.org" port (5140) + tls( key_file("/etc/ssl/debian/keys/thishost.key") + cert_file("/etc/ssl/debian/certs/thishost.crt") + ca_dir("/etc/ssl/debian/certs/") + ) + ); +}; + <%- end -%> log { source(s_local); + <%- if hostname != "heininen" -%> destination(loghost-heininen); -}; <%- end -%> + <%- if hostname != "lotti" -%> + destination(loghost-lotti); + <%- end -%> +}; <%- end -%> -<%- if hostname == "heininen" -%> +<%- if (hostname == "heininen") || (hostname == "lotti") -%> ############################################################################### ########## ON LOG HOST ######################################################## ############################################################################### @@ -433,50 +447,51 @@ log { # The log server, additionally, also logs all local and remote messages to # a few special places. destination hostdest_auth { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/auth.log" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_syslog { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/syslog" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_cron { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/cron.log" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_daemon { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/daemon.log" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_kern { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/kern.log" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_lpr { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/lpr.log" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_mail { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/mail.log" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_news { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/news.log" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_user { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/user.log" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_uucp { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/uucp.log" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_debug { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/debug" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_messages { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/messages" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; #---------------------------------------------------------------------- # Special catch all destination hostdest_sorting by host #---------------------------------------------------------------------- destination hostdest_facility_dot_info { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.info" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_facility_dot_notice { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.notice" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_facility_dot_warn { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.warn" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_facility_dot_err { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.err" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; destination hostdest_facility_dot_crit { file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.crit" - owner(root) group(adm) perm(0640) dir_perm(0750) create_dirs(yes) dir_owner(root) dir_group(adm)); }; + owner(root) group(adm) perm(0640) dir_perm(0755) create_dirs(yes) dir_owner(root) dir_group(adm)); }; #---------------------------------------------------------------------- # Catch all log files #---------------------------------------------------------------------- destination df_ALL_auth { file("/var/log/auth-all.log"); }; +destination df_ALL_mail { file("/var/log/mail-all.log"); }; destination df_ALL_syslog { file("/var/log/syslog-all"); }; log { source(s_local); @@ -528,6 +543,9 @@ log { source(s_local); log { source(s_local); source(s_network); filter(f_auth); destination(df_ALL_auth); }; +log { source(s_local); + source(s_network); + filter(f_mail); destination(df_ALL_mail); }; log { source(s_local); source(s_network); filter(f_syslog); destination(df_ALL_syslog); };