From ef879d37b79013cb41775fcfec1f732110a23097 Mon Sep 17 00:00:00 2001 From: Mike Riddle Date: Tue, 27 Feb 2024 15:39:43 -0500 Subject: [PATCH 1/4] (#148) Added a parameter that allows users to define rsyslog rules via hieradata Fixes #148 --- CHANGELOG | 3 +++ manifests/init.pp | 20 ++++++++++++++++++-- metadata.json | 2 +- spec/classes/init_spec.rb | 12 ++++++++++++ 4 files changed, 34 insertions(+), 3 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index e9c6589..1b72bb9 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,6 @@ +* Tue Feb 27 2024 Mike Riddle - 8.7.0 +- Added a parameter that allows users to define rsyslog rules via hieradata + * Mon Oct 23 2023 Steven Pritchard - 8.6.0 - Add EL9 support diff --git a/manifests/init.pp b/manifests/init.pp index f0a4a2b..9ceba0a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -112,6 +112,16 @@ # Basepath of $default_net_stream_driver_ca_file, default_net_stream_driver_cert_file, # and $default_net_stream_driver_key_file # +# @param rules +# A hash of rsyslog rules, this parameter will enable you to create rules via hieradata +# +# @example Create rules via hieradata: +# rsyslog::rules: +# '99_collect_kernel_errors.conf': +# rule: "if prifilt('kern.err') then /var/log/kernel_errors.log" +# '98_discard_info.conf': +# rule: "if prifilt('*.info') then stop" +# # @author https://github.com/simp/pupmod-simp-rsyslog/graphs/contributors # class rsyslog ( @@ -135,9 +145,9 @@ Boolean $logrotate = simplib::lookup('simp_options::logrotate', {'default_value' => false}), Variant[Boolean,Enum['simp']] $pki = simplib::lookup('simp_options::pki', {'default_value' => false}), String $app_pki_external_source = simplib::lookup('simp_options::pki::source', {'default_value' => '/etc/pki/simp/x509'}), - Stdlib::Absolutepath $app_pki_dir = '/etc/pki/simp_apps/rsyslog/x509' + Stdlib::Absolutepath $app_pki_dir = '/etc/pki/simp_apps/rsyslog/x509', + Optional[Hash] $rules = undef ) { - if $facts['rsyslogd'] and versioncmp($facts['rsyslogd']['version'], '8.24.0') < 0 { warning("${module_name}: Rsyslog version ${facts['rsyslogd']} not supported. Use ${module_name} version 7.6.4 instead") } @@ -156,4 +166,10 @@ contain 'rsyslog::config::logrotate' Class['rsyslog::service'] -> Class['rsyslog::config::logrotate'] } + + $rsyslog::rules.each |$key, $value| { + rsyslog::rule { $key: + * => $value, + } + } } diff --git a/metadata.json b/metadata.json index 6e4dc4c..bee90e7 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "simp-rsyslog", - "version": "8.6.0", + "version": "8.7.0", "author": "SIMP Team", "summary": "A puppet module to support RSyslog version 8.", "license": "Apache-2.0", diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 1d491cb..1586f91 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -319,6 +319,18 @@ it { is_expected.to contain_file(global_conf_file).with_content(global_expected) } end + context 'with a rules hash defined' do + let(:params) {{ + :rules => { + '99_collect_kernel_errors.conf' => { + :rule => "if prifilt('kern.err') then /var/log/kernel_errors.log" + } + } + }} + + it {is_expected.to contain_rsyslog__rule('99_collect_kernel_errors.conf').with_rule("if prifilt('kern.err') then /var/log/kernel_errors.log")} + end + end # end `context "on #{os}"...` end # end `on_supported_os.each...` end From 364886c27694c26fd672fa795f150dc71b345801 Mon Sep 17 00:00:00 2001 From: Mike Riddle Date: Mon, 4 Mar 2024 13:01:17 -0500 Subject: [PATCH 2/4] Added support for module hieradata and fixed some tests --- data/common.yaml | 8 ++++++++ hiera.yaml | 14 ++++++++++++++ manifests/init.pp | 8 ++++---- manifests/rule.pp | 6 ++++-- spec/classes/init_spec.rb | 6 +++--- 5 files changed, 33 insertions(+), 9 deletions(-) create mode 100644 data/common.yaml create mode 100644 hiera.yaml diff --git a/data/common.yaml b/data/common.yaml new file mode 100644 index 0000000..452070c --- /dev/null +++ b/data/common.yaml @@ -0,0 +1,8 @@ +--- +lookup_options: + rsyslog::rules: + merge: + strategy: deep + knockout_prefix: '--' + +rsyslog::rules: {} \ No newline at end of file diff --git a/hiera.yaml b/hiera.yaml new file mode 100644 index 0000000..514e2d4 --- /dev/null +++ b/hiera.yaml @@ -0,0 +1,14 @@ +--- +version: 5 +defaults: + datadir: data + data_hash: yaml_data +hierarchy: + - name: "OSFamily + Release" + path: "os/%{facts.os.family}-%{facts.os.release.major}.yaml" + - name: "OSFamily" + path: "os/%{facts.os.family}.yaml" + - name: "Kernel" + path: "os/%{facts.kernel}.yaml" + - name: "Common" + path: "common.yaml" diff --git a/manifests/init.pp b/manifests/init.pp index 9ceba0a..70ea440 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -117,10 +117,10 @@ # # @example Create rules via hieradata: # rsyslog::rules: -# '99_collect_kernel_errors.conf': -# rule: "if prifilt('kern.err') then /var/log/kernel_errors.log" -# '98_discard_info.conf': -# rule: "if prifilt('*.info') then stop" +# 'some_path/99_collect_kernel_errors.conf': +# content: "if prifilt('kern.err') then /var/log/kernel_errors.log" +# 'some_path/98_discard_info.conf': +# content: "if prifilt('*.info') then stop" # # @author https://github.com/simp/pupmod-simp-rsyslog/graphs/contributors # diff --git a/manifests/rule.pp b/manifests/rule.pp index c3b232a..996e14d 100644 --- a/manifests/rule.pp +++ b/manifests/rule.pp @@ -3,6 +3,8 @@ # This is used by the various ``rsyslog::rule::*`` Defined Types to apply rules # to the system. # +# The naming convention for the rule must be ``some_directory/rule_name.conf`` +# # Feel free to use this Defined Type to add your own rules but remember that # **order matters**! # @@ -16,8 +18,8 @@ # * 99 - Local Rules # # @example Collect All ``kern.err`` Messages -# rsyslog::rule { '99_collect_kernel_errors.conf': -# rule => "if prifilt('kern.err') then /var/log/kernel_errors.log" +# rsyslog::rule { '99_simp_local/99_collect_kernel_errors.conf': +# content => "if prifilt('kern.err') then /var/log/kernel_errors.log" # } # # @example Discard All ``info`` Messages diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 1586f91..0387f72 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -322,13 +322,13 @@ context 'with a rules hash defined' do let(:params) {{ :rules => { - '99_collect_kernel_errors.conf' => { - :rule => "if prifilt('kern.err') then /var/log/kernel_errors.log" + 'some_path/99_collect_kernel_errors.conf' => { + :content => "if prifilt('kern.err') then /var/log/kernel_errors.log" } } }} - it {is_expected.to contain_rsyslog__rule('99_collect_kernel_errors.conf').with_rule("if prifilt('kern.err') then /var/log/kernel_errors.log")} + it {is_expected.to contain_rsyslog__rule('some_path/99_collect_kernel_errors.conf').with_content("if prifilt('kern.err') then /var/log/kernel_errors.log")} end end # end `context "on #{os}"...` From 18034464188bf96d0adcccfe1990d6b410b807cf Mon Sep 17 00:00:00 2001 From: Mike Riddle Date: Mon, 4 Mar 2024 14:37:45 -0500 Subject: [PATCH 3/4] Simplified the implementation of the rules hash so we don't need supporting hieradata in the module itself --- data/common.yaml | 8 -------- hiera.yaml | 14 -------------- manifests/init.pp | 4 ++-- 3 files changed, 2 insertions(+), 24 deletions(-) delete mode 100644 data/common.yaml delete mode 100644 hiera.yaml diff --git a/data/common.yaml b/data/common.yaml deleted file mode 100644 index 452070c..0000000 --- a/data/common.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -lookup_options: - rsyslog::rules: - merge: - strategy: deep - knockout_prefix: '--' - -rsyslog::rules: {} \ No newline at end of file diff --git a/hiera.yaml b/hiera.yaml deleted file mode 100644 index 514e2d4..0000000 --- a/hiera.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -version: 5 -defaults: - datadir: data - data_hash: yaml_data -hierarchy: - - name: "OSFamily + Release" - path: "os/%{facts.os.family}-%{facts.os.release.major}.yaml" - - name: "OSFamily" - path: "os/%{facts.os.family}.yaml" - - name: "Kernel" - path: "os/%{facts.kernel}.yaml" - - name: "Common" - path: "common.yaml" diff --git a/manifests/init.pp b/manifests/init.pp index 70ea440..64706b7 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -146,7 +146,7 @@ Variant[Boolean,Enum['simp']] $pki = simplib::lookup('simp_options::pki', {'default_value' => false}), String $app_pki_external_source = simplib::lookup('simp_options::pki::source', {'default_value' => '/etc/pki/simp/x509'}), Stdlib::Absolutepath $app_pki_dir = '/etc/pki/simp_apps/rsyslog/x509', - Optional[Hash] $rules = undef + Hash $rules = {} ) { if $facts['rsyslogd'] and versioncmp($facts['rsyslogd']['version'], '8.24.0') < 0 { warning("${module_name}: Rsyslog version ${facts['rsyslogd']} not supported. Use ${module_name} version 7.6.4 instead") @@ -167,7 +167,7 @@ Class['rsyslog::service'] -> Class['rsyslog::config::logrotate'] } - $rsyslog::rules.each |$key, $value| { + $rules.each |$key, $value| { rsyslog::rule { $key: * => $value, } From 5e24a8210397d097e119c842260088a0d7d44226 Mon Sep 17 00:00:00 2001 From: Mike Riddle Date: Mon, 4 Mar 2024 15:00:03 -0500 Subject: [PATCH 4/4] Updated REFERENCE.md and minor lint fix --- REFERENCE.md | 27 +++++++++++++++++++++++++-- manifests/init.pp | 2 +- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 7bf5f35..893438b 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -52,6 +52,18 @@ been addressed. See ``rsyslog::config`` for additional, detailed configuration. +#### Examples + +##### Create rules via hieradata: + +```puppet +rsyslog::rules: + 'some_path/99_collect_kernel_errors.conf': + content: "if prifilt('kern.err') then /var/log/kernel_errors.log" + 'some_path/98_discard_info.conf': + content: "if prifilt('*.info') then stop" +``` + #### Parameters The following parameters are available in the `rsyslog` class: @@ -77,6 +89,7 @@ The following parameters are available in the `rsyslog` class: * [`pki`](#-rsyslog--pki) * [`app_pki_external_source`](#-rsyslog--app_pki_external_source) * [`app_pki_dir`](#-rsyslog--app_pki_dir) +* [`rules`](#-rsyslog--rules) ##### `service_name` @@ -288,6 +301,14 @@ and $default_net_stream_driver_key_file Default value: `'/etc/pki/simp_apps/rsyslog/x509'` +##### `rules` + +Data type: `Hash` + +A hash of rsyslog rules, this parameter will enable you to create rules via hieradata + +Default value: `{}` + ### `rsyslog::server` This class is designed to configure the externally facing interfaces for a @@ -333,6 +354,8 @@ Default value: `simplib::lookup('simp_options::tcpwrappers', { 'default_value' = This is used by the various ``rsyslog::rule::*`` Defined Types to apply rules to the system. +The naming convention for the rule must be ``some_directory/rule_name.conf`` + Feel free to use this Defined Type to add your own rules but remember that **order matters**! @@ -358,8 +381,8 @@ In general, the order will be: ##### Collect All ``kern.err`` Messages ```puppet -rsyslog::rule { '99_collect_kernel_errors.conf': - rule => "if prifilt('kern.err') then /var/log/kernel_errors.log" +rsyslog::rule { '99_simp_local/99_collect_kernel_errors.conf': + content => "if prifilt('kern.err') then /var/log/kernel_errors.log" } ``` diff --git a/manifests/init.pp b/manifests/init.pp index 64706b7..d91397e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -146,7 +146,7 @@ Variant[Boolean,Enum['simp']] $pki = simplib::lookup('simp_options::pki', {'default_value' => false}), String $app_pki_external_source = simplib::lookup('simp_options::pki::source', {'default_value' => '/etc/pki/simp/x509'}), Stdlib::Absolutepath $app_pki_dir = '/etc/pki/simp_apps/rsyslog/x509', - Hash $rules = {} + Hash $rules = {}, ) { if $facts['rsyslogd'] and versioncmp($facts['rsyslogd']['version'], '8.24.0') < 0 { warning("${module_name}: Rsyslog version ${facts['rsyslogd']} not supported. Use ${module_name} version 7.6.4 instead")