remote-logging-setup.yml at 603bb9a89e6d34ef14e9566dd963bc1214e466cc · hyperreal.bsky.moonshadow.dev/ansible-homelab

hyperreal.bsky.moonshadow.dev / ansible-homelab
Playbooks I use for my homelab
ansible-homelab / remote-logging-setup.yml
at 603bb9a89e6d34ef14e9566dd963bc1214e466cc 2.8 kB view raw
 1- hosts: remote_logging_clients
 2  gather_facts: true
 3  become: true
 4  tasks:
 5    - name: Ensure syslog-ng is installed
 6      ansible.builtin.package:
 7        name: syslog-ng
 8        state: latest
 9      when: ansible_system == "Linux"
10    - name: Ensure syslog-ng is enabled
11      ansible.builtin.systemd_service:
12        name: syslog-ng
13        enabled: true
14        state: started
15      when: ansible_service_mgr == "systemd"
16    - name: Remove any forwarding file if exists
17      ansible.builtin.file:
18        path: /etc/syslog-ng/conf.d/forward.conf
19        state: absent
20      when: ansible_system == "Linux"
21    - name: Get remote logging server tailnet IP address
22      ansible.builtin.shell: tailscale status | grep "nas-aux" | awk '{print $1}'
23      register: ctrl_tailnet_ip_addr
24      changed_when: false
25      failed_when: ctrl_tailnet_ip_addr.rc != 0
26    - name: Configure log forwarding (Debian)
27      ansible.builtin.blockinfile:
28        path: /etc/syslog-ng/conf.d/forward.conf
29        create: true
30        owner: root
31        group: root
32        mode: 0644
33        block: |
34          # Forward to nas-aux ({{ctrl_tailnet_ip_addr.stdout}})
35          destination d_ewmm {
36            syslog-ng(server("{{ctrl_tailnet_ip_addr.stdout}}"));
37          };
38
39          log {
40            source(s_src);
41            destination(d_ewmm);
42          };
43      when: ansible_os_family == "Debian"
44    - name: Configure log forwarding (Red Hat)
45      ansible.builtin.blockinfile:
46        path: /etc/syslog-ng/conf.d/forward.conf
47        create: true
48        owner: root
49        group: root
50        mode: 0644
51        block: |
52          # Forward to nas-aux ({{ctrl_tailnet_ip_addr.stdout}})
53          destination d_ewmm {
54            syslog-ng(server("{{ctrl_tailnet_ip_addr.stdout}}"));
55          };
56
57          log {
58            source(s_sys);
59            destination(d_ewmm);
60          };
61      when: ansible_os_family == "RedHat"
62    - name: Restart syslog-ng
63      ansible.builtin.systemd_service:
64        name: syslog-ng
65        enabled: true
66        state: restarted
67      when: ansible_service_mgr == "systemd"
68    - name: Set syslog flags for remote logging on FreeBSD
69      ansible.builtin.shell: sysrc syslog_flags="-s -v -v"
70      register: set_syslog_flags
71      changed_when: '"syslog_flags:  -> YES" in set_syslog_flags.stdout'
72      when: ansible_service_mgr == "bsdinit"
73    - name: Set log forwarding on FreeBSD
74      ansible.builtin.lineinfile:
75        path: /etc/syslog.conf
76        regexp: '^\*\.\*'
77        line: "*.* @{{ctrl_tailnet_ip_addr.stdout}}"
78        owner: root
79        group: wheel
80        mode: 0644
81      when: ansible_system == "FreeBSD"
82    - name: Restart syslogd
83      ansible.builtin.service:
84        name: syslogd
85        state: restarted
86      when: ansible_service_mgr == "bsdinit"