From 7cc7b15b363d596734397249d92cfd6cae6407a0 Mon Sep 17 00:00:00 2001 From: Santiago Perez Date: Thu, 19 Jan 2023 12:55:54 +0100 Subject: [PATCH 1/3] #36 add variables rsyslog_permissions and rsyslog_template_config_file --- defaults/main.yml | 2 ++ tasks/config.yml | 2 +- templates/etc/rsyslog.conf.j2 | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 9942eb8..6b8370d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -23,6 +23,7 @@ rsyslog_service_state: started # Owner defaults to root; there is a more secure configuration below # rsyslog_user: rsyslog # rsyslog_group: rsyslog +# rsyslog_permissions: 0640 # rsyslog_extra_groups: systemd-journal # rsyslog_user_shell: /bin/false @@ -30,6 +31,7 @@ rsyslog_service_state: started # WARNING: ownership will change to match rsyslog user and group rsyslog_work_directory: /var/spool/rsyslog rsyslog_logs_directory: /var/log +rsyslog_template_config_file: etc/rsyslog.conf.j2 rsyslog_config_file: /etc/rsyslog.conf rsyslog_include_config_path: /etc/rsyslog.d rsyslog_include_config_matcher: "{{ rsyslog_include_config_path }}/*.conf" diff --git a/tasks/config.yml b/tasks/config.yml index 0a9bb45..7ce45a5 100644 --- a/tasks/config.yml +++ b/tasks/config.yml @@ -2,7 +2,7 @@ - name: RSYSLOG | Deploy rsyslog configuration template: - src: etc/rsyslog.conf.j2 + src: "{{ rsyslog_template_config_file }}" dest: "{{ rsyslog_config_file }}" owner: "{{ rsyslog_user | default('root') }}" group: "{{ rsyslog_group | default('root') }}" diff --git a/templates/etc/rsyslog.conf.j2 b/templates/etc/rsyslog.conf.j2 index 9b5892a..1aae30e 100644 --- a/templates/etc/rsyslog.conf.j2 +++ b/templates/etc/rsyslog.conf.j2 @@ -49,7 +49,7 @@ $PrivDropToGroup {{ rsyslog_group | default('root') }} # $FileOwner {{ rsyslog_user | default('root') }} $FileGroup {{ rsyslog_user | default('adm') }} -$FileCreateMode 0640 +$FileCreateMode {{ rsyslog_permissions | default('0640') }} $DirCreateMode 0755 $Umask 0022 From d0dda029aeb0c80414f82d4e4ad5135e0fdaaa81 Mon Sep 17 00:00:00 2001 From: Santiago Perez Date: Thu, 19 Jan 2023 15:14:40 +0100 Subject: [PATCH 2/3] #36 fix Debian 8 tests --- defaults/main.yml | 1 + molecule/default/Dockerfile.j2 | 9 +++++++++ tasks/install.yml | 2 ++ tasks/main.yml | 7 +++++++ vars/Debian-8.yml | 2 ++ 5 files changed, 21 insertions(+) create mode 100644 vars/Debian-8.yml diff --git a/defaults/main.yml b/defaults/main.yml index 6b8370d..5492222 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,6 +3,7 @@ rsyslog_package: "rsyslog" rsyslog_use_pidfile: true rsyslog_pidfile: /var/run/rsyslogd.pid +__rsyslog_force_apt: false # If you want to set a package version; else the role will install the latest version: # Debian Buster # rsyslog_package: "rsyslog=8.1901.0-1" diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2 index fd339e3..5d027a3 100644 --- a/molecule/default/Dockerfile.j2 +++ b/molecule/default/Dockerfile.j2 @@ -5,8 +5,17 @@ FROM {{ item.registry.url }}/{{ item.image }} FROM {{ item.image }} {% endif %} +# install minimal packages for debian slim images +{% if item.image == 'debian:jessie-slim' %} +RUN if [ $(command -v apt-get) ]; then \ + apt-get update \ + && apt-get install -y --force-yes python systemd systemd-sysv sudo bash ca-certificates iproute2 \ + && apt-get clean; \ + fi +{% else %} RUN if [ $(command -v apt-get) ]; then \ apt-get update \ && apt-get install -y python systemd systemd-sysv sudo bash ca-certificates iproute2 \ && apt-get clean; \ fi +{% endif %} diff --git a/tasks/install.yml b/tasks/install.yml index bb06ffc..97b81b1 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -31,6 +31,7 @@ name: "{{ rsyslog_package }}" state: present update_cache: true + force: "{{ __rsyslog_force_apt }}" cache_valid_time: 3600 register: rsyslog_core_package_installed until: rsyslog_core_package_installed is succeeded @@ -52,6 +53,7 @@ name: "{{ rsyslog_feature_packages }}" state: present update_cache: true + force: "{{ __rsyslog_force_apt }}" cache_valid_time: 3600 register: rsyslog_feature_packages_installed until: rsyslog_feature_packages_installed is succeeded diff --git a/tasks/main.yml b/tasks/main.yml index 30b1d9b..7ef141e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,4 +1,11 @@ --- +- name: Consul | Gather OS specific variables + include_vars: "{{ item }}" + with_first_found: + - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" + ignore_errors: true + tags: + - install - name: RSYSLOG | Install import_tasks: install.yml diff --git a/vars/Debian-8.yml b/vars/Debian-8.yml new file mode 100644 index 0000000..f7a3365 --- /dev/null +++ b/vars/Debian-8.yml @@ -0,0 +1,2 @@ +--- +__rsyslog_force_apt: true From 83fd3a3701c74002e9f8f987b0a5783473637f92 Mon Sep 17 00:00:00 2001 From: Santiago Perez Date: Thu, 19 Jan 2023 15:14:50 +0100 Subject: [PATCH 3/3] Update CHANGELOG.md --- CHANGELOG.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 212abe7..5e30dfa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,14 @@ All notable changes to this project will be documented in this file. ## [Unreleased](https://github.com/idealista/rsyslog_role/tree/develop) +## [2.2.2](https://github.com/idealista/rsyslog_role/tree/2.2.2) +[Full Changelog](https://github.com/idealista/rsyslog_role/compare/2.2.1...2.2.2) +### Changed +- *[#36](https://github.com/idealista/rsyslog_role/issues/36) Parameterize config template and file permissions* @santi-eidu + +## [2.2.1](https://github.com/idealista/rsyslog_role/tree/2.2.1) +[Full Changelog](https://github.com/idealista/rsyslog_role/compare/2.2.0...2.2.1) + ### Added - [#33](https://github.com/idealista/rsyslog_role/issues/33) *[FEATURE] multifunctional role* @marcelogalmor