Puppet Module for systemd journal remote

Build StatusReleasePuppet ForgeApache-2 License

A Puppet module for managing the systemd-journal-remote, systemd-journal-upload and systemd-journal-gatewayd services on CentOS, Debian, RedHat, Ubuntu and ArchLinux.

Source available on GitHub

Example Usage

The following example listens passively for journal events over HTTPS using Puppet certificates.

user { 'systemd-journal-remote':
groups => ['puppet'],
membership => 'minimum',
}

class { '::systemd_journal_remote::remote':
command_flags => {
'listen-https' => '0.0.0.0:19532',
'compress' => 'yes',
'output' => '/var/log/journal/remote/',
},
options => {
'SplitMode' => 'host',
'ServerKeyFile' => "/etc/puppetlabs/puppet/ssl/private_keys/${trusted['certname']}.pem",
'ServerCertificateFile' => "/etc/puppetlabs/puppet/ssl/certs/${trusted['certname']}.pem",
'TrustedCertificateFile' => '/etc/puppetlabs/puppet/ssl/certs/ca.pem',
}
}

See data types for the available options.

Default Configuration

---
# Journal Remote
systemd_journal_remote::remote::command_path: /usr/lib/systemd/systemd-journal-remote
systemd_journal_remote::remote::command_flags:
listen-http: '-3'
output: /var/log/journal/remote/

# Journal Upload
systemd_journal_remote::upload::command_path: /usr/lib/systemd/systemd-journal-upload
systemd_journal_remote::upload::command_flags:
save-state: /var/lib/systemd/journal-upload/state
url: "http://0.0.0.0:19532"

# Journal Gateway Daemon
systemd_journal_remote::gatewayd::command_path: /usr/lib/systemd/systemd-journal-gatewayd
systemd_journal_remote::gatewayd::command_flags: {}
---
systemd_journal_remote::manage_package: false
---
# Journal Remote
systemd_journal_remote::remote::command_path: /lib/systemd/systemd-journal-remote

# Journal Upload
systemd_journal_remote::upload::command_path: /lib/systemd/systemd-journal-upload

# Journal Gateway Daemon
systemd_journal_remote::gatewayd::command_path: /lib/systemd/systemd-journal-gatewayd
---
# Journal Remote
systemd_journal_remote::remote::manage_output: true

# Journal Upload
systemd_journal_remote::upload::manage_state: true
---
# Journal Remote
systemd_journal_remote::remote::command_path: /lib/systemd/systemd-journal-remote

# Journal Upload
systemd_journal_remote::upload::command_path: /lib/systemd/systemd-journal-upload

# Journal Gateway Daemon
systemd_journal_remote::gatewayd::command_path: /lib/systemd/systemd-journal-gatewayd
---
# Journal Remote
systemd_journal_remote::remote::command_path: /usr/lib/systemd/systemd-journal-remote

# Journal Upload
systemd_journal_remote::upload::command_path: /usr/lib/systemd/systemd-journal-upload

# Journal Gateway Daemon
systemd_journal_remote::gatewayd::command_path: /usr/lib/systemd/systemd-journal-gatewayd
---
systemd_journal_remote::package_name: systemd-journal-gateway

# Journal Remote
systemd_journal_remote::remote::manage_output: true

# Journal Upload
systemd_journal_remote::upload::manage_state: true

Changelog

All notable changes to this project will be documented in this file.

[0.2.0]

Breaking changes

  • Module restructured. Most ::systemd_journal_remote parameters from 0.1.0 moved to ::systemd_journal_remote::remote

Fixed

  • Flags such as --merge and --system are only used when explicitly true
  • /var/log/journal/remote/ permissions for CentOS 7 and Debian 9
  • -D and -u options incorrectly formatted

Added

  • systemd_journal_remote::upload class for systemd-journal-upload management
  • systemd_journal_remote::gatewayd class for systemd-journal-gatewayd management
  • AlmaLinux and Rocky Linux support added
  • Additional spec and acceptance tests

Changed

  • Abstract data type name changes
  • Unnecessary abstract data types removed
  • Local variables now used in private classes

Reference

Table of Contents

Classes

Public Classes

Private Classes

  • systemd_journal_remote::gatewayd::config: This class configures the systemd-journal-gatewayd unit override
  • systemd_journal_remote::gatewayd::service: This class manages the systemd-journal-gatewayd service
  • systemd_journal_remote::remote::config: This class configures the [Remote] section of journal-remote.conf
  • systemd_journal_remote::remote::service: This class manages the systemd-journal-remote service
  • systemd_journal_remote::upload::config: This class configures the [Upload] section of journal-upload.conf
  • systemd_journal_remote::upload::service: This class manages the systemd-journal-upload service

Data types

Classes

systemd_journal_remote

This module manages and configures the systemd journal remote package

Parameters

The following parameters are available in the systemd_journal_remote class:

manage_package

Data type: Boolean

Manage the systemd-journal-remote package installation

Default value: true

package_name

Data type: String

The systemd-journal-remote package name to use

Default value: 'systemd-journal-remote'

package_ensure

Data type: Enum['latest', 'absent', 'present']

The systemd-journal-remote package state

Default value: present

systemd_journal_remote::gatewayd

This class manages and configures the systemd-journal-gatewayd service

Parameters

The following parameters are available in the systemd_journal_remote::gatewayd class:

command_path

Data type: Stdlib::Absolutepath

The service ExecStart command path

Default value: '/usr/lib/systemd/systemd-journal-gatewayd'

command_flags

Data type: Systemd_Journal_Remote::Gatewayd_Flags

The service ExecStart command flags to use

Default value: {}

manage_service

Data type: Boolean

Manage the journal-gatewayd service

Default value: true

service_enable

Data type: Boolean

Enable the journal-gatewayd service

Default value: true

service_name

Data type: String

The journal-gatewayd service name

Default value: 'systemd-journal-gatewayd'

service_ensure

Data type: Stdlib::Ensure::Service

Default value: running

systemd_journal_remote::remote

This module manages and configures the systemd journal remote package

Parameters

The following parameters are available in the systemd_journal_remote::remote class:

command_path

Data type: Stdlib::Absolutepath

The service ExecStart command path

Default value: '/usr/lib/systemd/systemd-journal-remote'

command_flags

Data type: Systemd_Journal_Remote::Remote_Flags

The service ExecStart command flags to use

Default value: {}

manage_output

Data type: Boolean

Manage the creation of the default output paths (/var/log/journal/remote/)

Default value: false

manage_service

Data type: Boolean

Manage the systemd-journal-remote service

Default value: true

service_enable

Data type: Boolean

Enable the journal-remote service

Default value: true

service_ensure

Data type: Stdlib::Ensure::Service

Ensure the journal-remote service state

Default value: running

service_name

Data type: String

The journal-remote service name

Default value: 'systemd-journal-remote'

options

Data type: Optional[Systemd_Journal_Remote::Remote_Options]

Config hash to configure the [Remote] options in journal-remote.conf

Default value: {}

systemd_journal_remote::upload

This class manages and configures the systemd journal upload service

Parameters

The following parameters are available in the systemd_journal_remote::upload class:

command_path

Data type: Stdlib::Absolutepath

The service ExecStart command path

Default value: '/usr/lib/systemd/systemd-journal-upload'

command_flags

Data type: Systemd_Journal_Remote::Upload_Flags

The service ExecStart command flags to use

Default value: {}

manage_service

Data type: Boolean

Manage the journal-upload service

Default value: true

service_enable

Data type: Boolean

Enable the journal-upload service

Default value: true

service_ensure

Data type: Stdlib::Ensure::Service

Ensure the journal-upload state

Default value: running

service_name

Data type: String

The journal-upload service name

Default value: 'systemd-journal-upload'

options

Data type: Optional[Systemd_Journal_Remote::Upload_Options]

Config hash to configure the [Upload] options in journal-upload.conf

Default value: {}

manage_state

Data type: Boolean

Default value: false

Data types

Systemd_Journal_Remote::Gatewayd_Flags

Matches systemd gatewayd options in man systemd-journal-gatewayd

Alias of

Struct[{
Optional['cert'] => Stdlib::Unixpath,
Optional['key'] => Stdlib::Unixpath,
Optional['trust'] => Variant[Stdlib::Unixpath, Enum['all']],
Optional['system'] => Variant[Boolean, Enum['true', 'false']],
Optional['user'] => Variant[Boolean, Enum['true', 'false']],
Optional['merge'] => Variant[Boolean, Enum['true', 'false']],
Optional['D'] => Stdlib::Unixpath,
Optional['directory'] => Stdlib::Unixpath,
Optional['file'] => String,
}]

Systemd_Journal_Remote::Remote_Flags

Matches systemd remote options in man systemd-journal-remote

Alias of

Struct[{
Optional['url'] => Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl],
Optional['getter'] => String,
Optional['listen-raw'] => String,
Optional['listen-http'] => Variant[String, Integer[-3, -1]],
Optional['listen-https'] => Variant[String, Integer[-3, -1]],
Optional['key'] => Stdlib::Unixpath,
Optional['cert'] => Stdlib::Unixpath,
Optional['trust'] => Variant[Stdlib::Unixpath, Enum['all']],
Optional['gnutls-log'] => String,
Optional['output'] => Stdlib::Unixpath,
Optional['gnutls-log'] => String,
Optional['split-mode'] => Enum['none','host'],
Optional['compress'] => Enum['yes','no'],
Optional['seal'] => Enum['yes','no'],
}]

Systemd_Journal_Remote::Remote_Options

Matches systemd remote options in man journal-remote.conf

Alias of

Struct[{
Optional['Seal'] => Enum['yes','no'],
Optional['SplitMode'] => Enum['host','none'],
Optional['ServerKeyFile'] => Stdlib::Absolutepath,
Optional['ServerCertificateFile'] => Stdlib::Absolutepath,
Optional['TrustedCertificateFile'] => Variant[Stdlib::Absolutepath, Enum['all']],
}]

Systemd_Journal_Remote::Upload_Flags

Matches systemd upload options in man systemd-journal-upload

Alias of

Struct[{
Optional['u'] => Variant[Stdlib::Host, Stdlib::HTTPUrl, Stdlib::HTTPSUrl],
Optional['url'] => Variant[Stdlib::Host, Stdlib::HTTPUrl, Stdlib::HTTPSUrl],
Optional['system'] => Variant[Boolean, Enum['true', 'false']],
Optional['user'] => Variant[Boolean, Enum['true', 'false']],
Optional['merge'] => Variant[Boolean, Enum['true', 'false']],
Optional['D'] => Stdlib::Unixpath,
Optional['directory'] => Stdlib::Unixpath,
Optional['file'] => String,
Optional['cursor'] => String,
Optional['after-cursor'] => String,
Optional['save-state'] => Stdlib::Unixpath,
Optional['follow'] => Boolean,
Optional['key'] => Variant[Enum['-'], Stdlib::Unixpath],
Optional['cert'] => Variant[Enum['-'], Stdlib::Unixpath],
Optional['trust'] => Variant[Enum['-', 'all'], Stdlib::Unixpath],
}]

Systemd_Journal_Remote::Upload_Options

Matches systemd upload options in man journal-upload.conf

Alias of

Struct[{
Optional['URL'] => Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl],
Optional['ServerKeyFile'] => Stdlib::Absolutepath,
Optional['ServerCertificateFile'] => Stdlib::Absolutepath,
Optional['TrustedCertificateFile'] => Stdlib::Absolutepath,
Optional['NetworkTimeoutSec'] => Variant[Integer, String],
}]