X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=templates%2Fsyslog-ng.conf.erb;h=ac214c252365cc1ffdfcb8355ffe2dec9a205961;hb=f8063eba588ec4430e669860035d4f079b1dc0cf;hp=f21ccc5f6fc01d524293992118ddaaff2e177549;hpb=c7241fdd5a581b761c7f8851a8bd8d9245c84d9c;p=mirror%2Fdsa-puppet.git

diff --git a/templates/syslog-ng.conf.erb b/templates/syslog-ng.conf.erb
index f21ccc5f6..ac214c252 100644
--- a/templates/syslog-ng.conf.erb
+++ b/templates/syslog-ng.conf.erb
@@ -1,6 +1,6 @@
-<% if syslogversion == "3" -%>
+<%- if syslogversion == "3" -%>
 @version: 3.0
-<%end%>
+<%- end -%>
 ##
 ## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
@@ -81,6 +81,12 @@ options {
 	# we tell the syslog-ng that if a hostname match this regexp than that
 	# is not a real hostname.
 	bad_hostname("^gconfd$");
+
+<%- if hostname == "heininen" -%>
+	# we trust our mutual authenticated syslog clients
+	keep_hostname(yes);
+<%- end -%>
+
 };
 
 
@@ -91,44 +97,44 @@ options {
 source s_all {
         # message generated by Syslog-NG
         internal();
-<% if kernel == 'Linux' %>
+<%- if kernel == 'Linux' -%>
         # standard Linux log source (this is the default place for the syslog()
         # function to send logs to)
         unix-stream("/dev/log");
         # messages from the kernel
-<% if syslogversion == "2" -%>
+<%- if syslogversion == "2" -%>
         file("/proc/kmsg" log_prefix("kernel: "));
-<% else %>
+<%- else -%>
         file("/proc/kmsg" program_override("kernel: "));
-<%end%>
-<%else%>
+<%- end -%>
+<%- else -%>
         # standard Linux log source (this is the default place for the syslog()
         # function to send logs to)
         unix-dgram("/var/run/log");
         # messages from the kernel
-<% if syslogversion == "2" -%>
+<%- if syslogversion == "2" -%>
         file("/dev/klog" log_prefix("kernel: "));
-<% else %>
+<%- else -%>
         file("/dev/klog" program_override("kernel: "));
-<%end%>
-<%end%>
-<% if hostname == "paganini" -%>
+<%- end -%>
+<%- end -%>
+<%- if hostname == "paganini" -%>
         # use the following line if you want to receive remote UDP logging messages
         # (this is equivalent to the "-r" syslogd flag)
         udp();
-<%end%>
+<%- end -%>
 };
 
-<% if hostname == "heininen" -%>
+<%-  if hostname == "heininen" -%>
 source s_network {
-	tcp6(port(5140)
+	tcp6(port(5140) max-connections(200)
 		tls( key_file("/etc/exim4/ssl/thishost.key")
-		     cert_file("/etc/exim4/ssl/thishost.cert")
+		     cert_file("/etc/exim4/ssl/thishost.crt")
 		     ca_dir("/etc/exim4/ssl/")
 		)
 	);
 };
-<%end%>
+<%- end -%>
 
 
 ######
@@ -167,12 +173,12 @@ destination df_news_dot_crit { file("/var/log/news/news.crit" owner("news")); };
 destination df_debug { file("/var/log/debug"); };
 destination df_messages { file("/var/log/messages"); };
 
-<% if kernel == 'Linux' %>
+<%- if kernel == 'Linux' -%>
 # pipes
 # a console to view log messages under X
 destination dp_xconsole { pipe("/dev/xconsole"); };
 
-<% end %>
+<%- end -%>
 # consoles
 # this will send messages to everyone logged in
 destination du_all { usertty("*"); };
@@ -221,7 +227,7 @@ filter f_messages {
 # messages with priority emerg
 filter f_emerg { level(emerg); };
 
-<% if kernel == 'Linux' %>
+<%- if kernel == 'Linux' -%>
 # complex filter for messages usually sent to the xconsole
 filter f_xconsole {
     facility(daemon,mail)
@@ -230,7 +236,7 @@ filter f_xconsole {
                 and level(crit,err,notice));
 };
 
-<% end %>
+<%- end -%>
 ######
 # logs
 # order matters if you use "flags(final);" to mark the end of processing in a
@@ -241,9 +247,9 @@ filter f_xconsole {
 # auth,authpriv.*                 /var/log/auth.log
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_auth);
         destination(df_auth);
 };
@@ -251,9 +257,9 @@ log {
 # *.*;auth,authpriv.none          -/var/log/syslog
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_syslog);
         destination(df_syslog);
 };
@@ -269,9 +275,9 @@ log {
 # daemon.*                        -/var/log/daemon.log
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_daemon);
         destination(df_daemon);
 };
@@ -279,9 +285,9 @@ log {
 # kern.*                          -/var/log/kern.log
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_kern);
         destination(df_kern);
 };
@@ -289,9 +295,9 @@ log {
 # lpr.*                           -/var/log/lpr.log
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_lpr);
         destination(df_lpr);
 };
@@ -299,9 +305,9 @@ log {
 # mail.*                          -/var/log/mail.log
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_mail);
         destination(df_mail);
 };
@@ -309,9 +315,9 @@ log {
 # user.*                          -/var/log/user.log
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_user);
         destination(df_user);
 };
@@ -319,9 +325,9 @@ log {
 # uucp.*                          /var/log/uucp.log
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_uucp);
         destination(df_uucp);
 };
@@ -329,9 +335,9 @@ log {
 # mail.info                       -/var/log/mail.info
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_mail);
         filter(f_at_least_info);
         destination(df_mail_info);
@@ -340,9 +346,9 @@ log {
 # mail.warn                       -/var/log/mail.warn
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_mail);
         filter(f_at_least_warn);
         destination(df_mail_warn);
@@ -351,9 +357,9 @@ log {
 # mail.err                        /var/log/mail.err
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_mail);
         filter(f_at_least_err);
         destination(df_mail_err);
@@ -362,9 +368,9 @@ log {
 # news.crit                       /var/log/news/news.crit
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_news);
         filter(f_at_least_crit);
         destination(df_news_dot_crit);
@@ -373,9 +379,9 @@ log {
 # news.err                        /var/log/news/news.err
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_news);
         filter(f_at_least_err);
         destination(df_news_dot_err);
@@ -384,9 +390,9 @@ log {
 # news.notice                     /var/log/news/news.notice
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_news);
         filter(f_at_least_notice);
         destination(df_news_dot_notice);
@@ -398,9 +404,9 @@ log {
 #         news.none;mail.none     -/var/log/debug
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_debug);
         destination(df_debug);
 };
@@ -412,9 +418,9 @@ log {
 #         mail,news.none          -/var/log/messages
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_messages);
         destination(df_messages);
 };
@@ -422,36 +428,44 @@ log {
 # *.emerg                         *
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_emerg);
         destination(du_all);
 };
 
 
-<% if kernel == 'Linux' %>
+<%- if kernel == 'Linux' -%>
 # daemon.*;mail.*;\
 #         news.crit;news.err;news.notice;\
 #         *.=debug;*.=info;\
 #         *.=notice;*.=warn       |/dev/xconsole
 log {
         source(s_all);
-<% if hostname == "heininen" -%>
+<%- if hostname == "heininen" -%>
         source(s_network);
-<% end %>
+<%- end -%>
         filter(f_xconsole);
         destination(dp_xconsole);
 };
-<%end%>
-
-<% if hostname == "corelli" -%>
-destination loghost-paganini {
-	udp("192.168.2.10",port(514));
+<%- end -%>
+
+<%- if hostname != "heininen" -%>
+ <%- if syslogversion == "3" -%>
+destination loghost-heininen {
+	tcp("heininen.debian.org" port (5140)
+		tls( key_file("/etc/ssl/debian/keys/thishost.key")
+		     cert_file("/etc/ssl/debian/certs/thishost.crt")
+		     ca_dir("/etc/ssl/debian/certs/")
+		)
+	);
 };
 
+
 log {
 	source(s_all);
-	destination(loghost-paganini);
+	destination(loghost-heininen);
 };
-<%end%>
+ <%- end -%>
+<%- end -%>