-
Notifications
You must be signed in to change notification settings - Fork 29
/
deploy_nolog.yml
66 lines (61 loc) · 2.33 KB
/
deploy_nolog.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
---
# SPDX-License-Identifier: GPL-3.0-only
# If the input/output has a possibility to reveal some sensitive data,
# include this deploy_nolog.yml file.
# See tasks/outputs/elasticsearch/main.yml for an examle.
- name: Install/Update required packages
package:
name: "{{ __rsyslog_packages }}"
state: present
use: "{{ (__logging_is_ostree | d(false)) |
ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
when:
- __rsyslog_packages | length > 0
- not rsyslog_in_image | bool
notify: Restart rsyslogd
- name: Generate role configuration files in rsyslog.d with no_log
template:
src: 'rules.conf.j2'
dest: '{{ inner_item.path |
d(__rsyslog_config_dir) }}/{{ inner_item.filename | d((inner_item.weight
if inner_item.weight | d() else
rsyslog_weight_map[inner_item.type | d("rules")]) +
"-" + (inner_item.name | d("rules")) + "." +
(inner_item.suffix | d("conf"))) }}'
owner: '{{ inner_item.owner | d("root") }}'
group: '{{ inner_item.group | d("root") }}'
mode: '{{ inner_item.mode | d("0644") }}'
loop: '{{ __rsyslog_rules | flatten }}'
loop_control:
loop_var: inner_item
no_log: true
when:
- __rsyslog_enabled | bool
- inner_item.state is undefined or inner_item.state != 'absent'
- inner_item.filename | d() or inner_item.name | d()
- inner_item.options | d() or inner_item.sections | d()
notify: Restart rsyslogd
register: __rsyslog_deploy_nolog_templates
- name: Add deployed templates to global list
set_fact:
__rsyslog_template_results: "{{
__rsyslog_template_results + [__rsyslog_deploy_nolog_templates] }}"
- name: Remove role config files from rsyslog.d with no_log
file:
path: '{{ inner_item.path |
d(__rsyslog_config_dir) }}/{{ inner_item.filename | d((inner_item.weight
if inner_item.weight | d() else
rsyslog_weight_map[inner_item.type | d("rules")]) +
"-" + (inner_item.name | d("rules")) + "." +
(inner_item.suffix | d("conf"))) }}'
state: absent
loop: '{{ __rsyslog_rules | flatten }}'
loop_control:
loop_var: inner_item
no_log: true
when:
- (not __rsyslog_enabled | bool) or
(inner_item.state | d('present') == 'absent')
- inner_item.filename | d() or inner_item.name | d()
- inner_item.options | d() or inner_item.sections | d()
notify: Restart rsyslogd