stop hardcoding loghost names in syslog-ng template
authorPeter Palfrader <peter@palfrader.org>
Thu, 22 Aug 2019 08:55:49 +0000 (10:55 +0200)
committerPeter Palfrader <peter@palfrader.org>
Thu, 22 Aug 2019 08:55:49 +0000 (10:55 +0200)
modules/syslog_ng/manifests/init.pp
modules/syslog_ng/templates/syslog-ng.conf.erb

index 172c2c7..9e939d7 100644 (file)
@@ -3,6 +3,9 @@ class syslog_ng {
                ensure => installed
        }
 
+       $query = 'nodes[certname] { resources { type = "Class" and title = "Roles::Loghost" } }'
+       $loghosts = sort(puppetdb_query($query).map |$value| { $value["certname"] })
+
        service { 'syslog-ng':
                ensure => running,
                hasstatus => false,
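Review bot: An empty result from `puppetdb_query` is not handled on the added `$loghosts` line. The template only guards with `if @loghosts`, and an empty Ruby array is truthy, so the `log { source(s_local); ... }` block would render with no remote destination and hosts would quietly stop forwarding logs. Consider failing the compile, e.g. `if empty($loghosts) { fail('no Roles::Loghost nodes found in PuppetDB') }`, or at least emitting a warning. The destination list is now whatever PuppetDB returns for `Roles::Loghost`, so a comment above `$query` should state that classification into that role must not depend on client-supplied facts. The class body continues outside the hunk.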
index 9dda8ff..4e6619e 100644 (file)
@@ -113,7 +113,7 @@ source s_local {
 <%- end -%>
 };
 
-<%- if (@hostname == "lotti") || (@hostname == "loghost-grnet-01") || (@hostname == "loghost-osuosl-01") -%>
+<% if @loghosts and @loghosts.include?(@fqdn)-%>
 source s_network {
        tcp6(port(5140) max-connections(400)
                tls( key_file("/etc/exim4/ssl/thishost.key")
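Review bot: The new condition compares PuppetDB certnames against `@fqdn`, which is a client-reported fact rather than the authenticated certificate name. The same test is repeated at the `ON LOG HOST` section and in the `loghost != @fqdn` filter of the log statement. If a node's certname and fqdn ever differ, a loghost would not get its `s_network` listener and would list itself as a destination. Computing the flag in the manifest from trusted data, `$is_loghost = $trusted['certname'] in $loghosts`, and testing `@is_loghost` here would avoid that. As a style point, `&&` is preferred over `and` in Ruby conditions, and the tag is missing a space before `-%>`.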
@@ -398,54 +398,31 @@ log {
 };
 <%- end -%>
 
-
- <%- if @hostname != "lotti" -%>
-destination loghost-lotti {
-       tcp("lotti.debian.org" port (5140)
-               tls( key_file("/etc/ssl/private/thishost.key")
-                    cert_file("/etc/ssl/debian/certs/thishost.crt")
-                    ca_dir("/etc/ssl/debian/certs/")
-               )
-       );
-};
- <%- end -%>
-  <%- if @hostname != "loghost-grnet-01" -%>
-destination loghost-loghost-grnet-01 {
-       tcp("loghost-grnet-01.debian.org" port (5140)
-               tls( key_file("/etc/ssl/private/thishost.key")
-                    cert_file("/etc/ssl/debian/certs/thishost.crt")
-                    ca_dir("/etc/ssl/debian/certs/")
+<% if @loghosts -%>
+  <% @loghosts.each do |loghost| -%>
+destination loghost-<%= loghost %> {
+       tcp("<%= loghost %>" port (5140)
+               tls( key_file("/etc/ssl/torproject-auto/clientkeys/thishost.key")
+                    cert_file("/etc/ssl/torproject-auto/clientcerts/thishost.crt")
+                    ca_dir("/etc/ssl/torproject-auto/clientcerts/")
                )
        );
 };
- <%- end -%>
-  <%- if @hostname != "loghost-osuosl-01" -%>
-destination loghost-loghost-osuosl-01 {
-       tcp("loghost-osuosl-01.debian.org" port (5140)
-               tls( key_file("/etc/ssl/private/thishost.key")
-                    cert_file("/etc/ssl/debian/certs/thishost.crt")
-                    ca_dir("/etc/ssl/debian/certs/")
-               )
-       );
-};
- <%- end -%>
+  <% end -%>
+<% end -%>
 
 log {
        source(s_local);
- <%- if @hostname != "lotti" -%>
-       destination(loghost-lotti);
- <%- end -%>
- <%- if @hostname != "loghost-grnet-01" -%>
-       destination(loghost-loghost-grnet-01);
- <%- end -%>
- <%- if @hostname != "loghost-osuosl-01" -%>
-       destination(loghost-loghost-osuosl-01);
- <%- end -%>
+<% if @loghosts -%>
+  <% @loghosts.each do |loghost| -%>
+    <%- if loghost != @fqdn -%>
+       destination(loghost-<%= loghost %>);
+    <% end -%>
+  <% end -%>
+<% end -%>
 };
 
-
-
-<%- if (@hostname == "lotti") || (@hostname == "loghost-grnet-01") || (@hostname == "loghost-osuosl-01") -%>
+<% if @loghosts and @loghosts.include?(@fqdn)-%>
 ###############################################################################
 ########## ON LOG HOST ########################################################
 ###############################################################################
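Review bot: The client TLS settings in the generated `destination` blocks move from `/etc/ssl/private` and `/etc/ssl/debian/certs/` to `/etc/ssl/torproject-auto/...`, which the commit message does not mention; this changes the key, certificate and trust anchors used for log shipping and deserves its own commit or at least a line in the description. The listener in `s_network` still loads its key from `/etc/exim4/ssl/`, so confirm that its certificate validates against the new `ca_dir`, and that the directory holds only the intended CA certificates, since it is shared with the client cert. Adding `peer-verify(required-trusted)` inside `tls(...)` would make the verification requirement explicit now that destinations are generated from data. Separately, the destination loop has no `loghost != @fqdn` filter, so a loghost defines a destination for itself that the log statement never uses.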
@@ -563,4 +540,5 @@ destination fastly { file("/var/log/fastly.log"); };
 log { source(s_network_fastly);
       destination(fastly); };
 
-<%- end -%>
+
+<% end -%>