rsyslog-setup.yml at 712b818344f8ebbca25defa82ca968d38db6813a · hyperreal.bsky.moonshadow.dev/ansible-homelab

hyperreal.bsky.moonshadow.dev / ansible-homelab
Playbooks I use for my homelab
ansible-homelab / rsyslog-setup.yml
at 712b818344f8ebbca25defa82ca968d38db6813a 2.5 kB view raw
 1---
 2- hosts: debianservers,freebsdservers
 3  gather_facts: true
 4  become: true
 5  vars:
 6    etc_dir: "{% if ansible_system == 'FreeBSD' %}/usr/local/etc{% else %}/etc{% endif %}"
 7    group: "{% if ansible_system == 'FreeBSD' %}wheel{% else %}root{% endif %}"
 8
 9  tasks:
10    - name: Ensure rsyslog is installed
11      ansible.builtin.package:
12        name: rsyslog
13        state: latest
14      when: ansible_system == "Linux"
15
16    - name: Ensure rsyslog is installed
17      community.general.pkgng:
18        name: "rsyslog"
19        state: latest
20      when: ansible_system == "FreeBSD"
21
22    - name: Ensure rsyslog is enabled
23      ansible.builtin.systemd_service:
24        name: rsyslog
25        enabled: true
26        state: started
27      when: ansible_service_mgr == "systemd"
28
29    - name: Ensure rsyslog is enabled in /etc/rc.conf (FreeBSD)
30      ansible.builtin.shell: sysrc rsyslogd_enable="YES"
31      register: rsyslogd_enable
32      when: ansible_system == "FreeBSD"
33      changed_when: '"YES -> YES" not in rsyslogd_enable.stdout'
34
35    - name: Ensure syslogd is disabled in /etc/rc.conf (FreeBSD)
36      ansible.builtin.shell: sysrc syslogd_enable="NO"
37      register: syslogd_enable
38      when: ansible_system == "FreeBSD"
39      changed_when: '"YES -> NO" in syslogd_enable.stdout'
40
41    - name: Remove any forwarding file if exists
42      ansible.builtin.file:
43        path: "{{ etc_dir }}/rsyslog.d/forward.conf"
44        state: absent
45
46    - name: Get control node headnet IP address
47      ansible.builtin.shell: tailscale status | head -1 | awk '{print $1}'
48      register: ctrl_headnet_ip_addr
49      delegate_to: 127.0.0.1
50      changed_when: false
51      failed_when: ctrl_headnet_ip_addr.rc != 0
52
53    - name: Configure log forwarding
54      ansible.builtin.blockinfile:
55        path: "{{ etc_dir }}/rsyslog.d/forward.conf"
56        create: true
57        owner: root
58        group: "{{ group }}"
59        mode: 0644
60        block: |
61          # Forward to desktop.headscale.moonshadow.dev ({{ctrl_headnet_ip_addr.stdout}})
62          *.* action(type="omfwd" target="{{ctrl_headnet_ip_addr.stdout}}" port="514" protocol="tcp"
63              action.resumeRetryCount="100"
64              queue.type="linkedList" queue.size="10000")
65
66    - name: Restart rsyslog
67      ansible.builtin.systemd_service:
68        name: rsyslog
69        enabled: true
70        state: restarted
71      when: ansible_service_mgr == "systemd"
72
73    - name: Restart rsyslog
74      ansible.builtin.shell: service rsyslogd restart
75      when: ansible_service_mgr == "bsdinit"