49 lines
1.2 KiB
YAML
49 lines
1.2 KiB
YAML
---
|
|
- name: Ensure rsyslog is installed
|
|
ansible.builtin.package:
|
|
name: rsyslog
|
|
state: present
|
|
|
|
- name: Setup rsyslog client
|
|
ansible.builtin.block:
|
|
- name: Drop configuration item for syslog
|
|
ansible.builtin.template:
|
|
src: "etc/rsyslog.d/forwarder.conf"
|
|
dest: "/etc/rsyslog.d/forwarder.conf"
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify: restart_rsyslog
|
|
when: syslog_type == "client"
|
|
|
|
- name: Setup rsyslog server
|
|
ansible.builtin.block:
|
|
- name: Drop configuration item for syslog
|
|
ansible.builtin.template:
|
|
src: "etc/rsyslog.d/receiver.conf"
|
|
dest: "/etc/rsyslog.d/receiver.conf"
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify: restart_rsyslog
|
|
|
|
- name: Deploy logrotate file
|
|
ansible.builtin.file:
|
|
src: "etc/logrotate.d/syslogserver"
|
|
dest: "/etc/logrotate.d/syslogserver"
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
|
|
- name: Open applicable firewall rules
|
|
ansible.posix.firewalld:
|
|
port: "{{ item }}"
|
|
permanent: true
|
|
state: enabled
|
|
immediate: true
|
|
loop:
|
|
- "514/tcp"
|
|
- "514/udp"
|
|
when: syslog_type == "server"
|
|
...
|