From: Hendrik Jaeger Date: Wed, 3 Jul 2024 10:14:30 +0000 (+0200) Subject: fix template and deploy config file again X-Git-Url: https://git.netwichtig.de/gitweb/?a=commitdiff_plain;h=8feca24b106b0f4236add0689214a7fc075cde8f;p=user%2Fhenk%2Fcode%2Fpuppet%2Fmodules%2Flogcheck.git fix template and deploy config file again --- diff --git a/manifests/init.pp b/manifests/init.pp index 71e6f88..a353b9e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -7,6 +7,10 @@ class logcheck ( ; } file { + '/etc/logcheck/logcheck.conf': + ensure => present, + content => template('logcheck/etc/logcheck/logcheck.conf.erb'), + ; '/etc/logcheck/ignore.d.server/': ensure => directory, source => 'puppet:///modules/logcheck/etc/logcheck/ignore.d.server/', diff --git a/templates/etc/logcheck/logcheck.conf b/templates/etc/logcheck/logcheck.conf deleted file mode 100644 index 8509ea3..0000000 --- a/templates/etc/logcheck/logcheck.conf +++ /dev/null @@ -1,85 +0,0 @@ -# The following variable settings are the initial default values, -# which can be uncommented and modified to alter logcheck's behaviour - -# Controls the format of date-/time-stamps in subject lines: -# Alternatively, set the format to suit your locale - -#DATE="$(date +'%Y-%m-%d %H:%M')" - -# Controls the presence of boilerplate at the top of each message: -# Alternatively, set to "0" to disable the introduction. -# -# If the files /etc/logcheck/header.txt and /etc/logcheck/footer.txt -# are present their contents will be read and used as the header and -# footer of any generated mails. - -#INTRO=1 - -# Controls the level of filtering: -# Can be Set to "workstation", "server" or "paranoid" for different -# levels of filtering. Defaults to server if not set. - -REPORTLEVEL="<%= reportlevel %>" - -# Controls the address mail goes to: -# *NOTE* the script does not set a default value for this variable! -# Should be set to an offsite "emailaddress@some.domain.tld" - -SENDMAILTO="logcheck" - -# Send the results as attachment or not. -# 0=not as attachment; 1=as attachment; 2=as gzip attachment -# Default is 0 - -MAILASATTACH=0 - -# Should the hostname in the subject of generated mails be fully qualified? - -FQDN=1 - -# Controls whether "sort -u" is used on log entries (which will -# eliminate duplicates but destroy the original ordering); the -# default is to use "sort -k 1,3 -s": -# Alternatively, set to "1" to enable unique sorting - -#SORTUNIQ=0 - -# Controls whether /etc/logcheck/cracking.ignore.d is scanned for -# exceptions to the rules in /etc/logcheck/cracking.d: -# Alternatively, set to "1" to enable cracking.ignore support - -#SUPPORT_CRACKING_IGNORE=0 - -# Controls the base directory for rules file location -# This must be an absolute path - -#RULEDIR="/etc/logcheck" - -# Controls if syslog-summary is run over each section. -# Alternatively, set to "1" to enable extra summary. -# HINT: syslog-summary needs to be installed. - -#SYSLOGSUMMARY=0 - -# Controls Subject: lines on logcheck reports: - -#ATTACKSUBJECT="Security Alerts" -#SECURITYSUBJECT="Security Events" -#EVENTSSUBJECT="System Events" - -# Controls [logcheck] prefix on Subject: lines - -#ADDTAG="no" - -# Set a different location for temporary files than /tmp -# this is useful if your /tmp is small and you are getting -# errors such as: -# cp: writing `/tmp/logcheck.y12449/checked': No space left on device -# /usr/sbin/logcheck: line 161: cannot create temp file for here document: No space left on device -# mail: /tmp/mail.RsXXXXpc2eAx: No space left on device -# Null message body; hope that's ok -# -# If this is happening, likely you will want to change the following to be some other -# location, such as /var/tmp - -TMP="/tmp" diff --git a/templates/etc/logcheck/logcheck.conf.erb b/templates/etc/logcheck/logcheck.conf.erb new file mode 100644 index 0000000..43cb5a6 --- /dev/null +++ b/templates/etc/logcheck/logcheck.conf.erb @@ -0,0 +1,96 @@ +# The following variable settings are the initial default values, +# which can be uncommented and modified to alter logcheck's behaviour + +# Controls the format of date-/time-stamps in subject lines: +# Alternatively, set the format to suit your locale + +#DATE="$(date +'%Y-%m-%d %H:%M')" + +# Controls the presence of boilerplate at the top of each message: +# Alternatively, set to "0" to disable the introduction. +# +# If the files /etc/logcheck/header.txt and /etc/logcheck/footer.txt +# are present their contents will be read and used as the header and +# footer of any generated mails. + +#INTRO=1 + +# Controls the level of filtering: +# Can be Set to "workstation", "server" or "paranoid" for different +# levels of filtering. Defaults to server if not set. + +REPORTLEVEL="<%= @reportlevel %>" + +# Controls the address mail goes to: +# *NOTE* the script does not set a default value for this variable! +# Should be set to an offsite "emailaddress@some.domain.tld" + +SENDMAILTO="logcheck" + +# Send the results as attachment or not. +# 0=not as attachment; 1=as attachment; 2=as gzip attachment +# Default is 0 + +MAILASATTACH=0 + +# Should the hostname in the subject of generated mails be fully qualified? + +FQDN=1 + +# Controls whether "sort -u" is used on log entries (which will +# eliminate duplicates but destroy the original ordering); the +# default is to use "sort -k 1,3 -s": +# Alternatively, set to "1" to enable unique sorting + +#SORTUNIQ=0 + +# Controls whether /etc/logcheck/cracking.ignore.d is scanned for +# exceptions to the rules in /etc/logcheck/cracking.d: +# Alternatively, set to "1" to enable cracking.ignore support + +#SUPPORT_CRACKING_IGNORE=0 + +# Controls the base directory for rules file location +# This must be an absolute path + +#RULEDIR="/etc/logcheck" + +# Controls if syslog-summary is run over each section. +# Alternatively, set to "1" to enable extra summary. +# HINT: syslog-summary needs to be installed. + +#SYSLOGSUMMARY=0 + +# Controls Subject: lines on logcheck reports: + +#ATTACKSUBJECT="Security Alerts" +#SECURITYSUBJECT="Security Events" +#EVENTSSUBJECT="System Events" + +# Controls [logcheck] prefix on Subject: lines + +#ADDTAG="no" + +# Previous versions of logcheck always sent messages in 7bit encoding, +# even if that resulted in RFC-violating messages. For example, really +# long syslog lines would generate too-long SMTP lines, which are +# rejected at least by Debian's default exim configuration. The new +# default is to let mime-construct pick an appropriate encoding, but you +# can override it by setting the below (to any of the encodings +# supported by mime-construct). You may need to do this if you have +# tools handling logcheck emails that don't understand MIME encoding. + +#MIMEENCODING= + +# Set a different location for temporary files than /tmp +# this is useful if your /tmp is small and you are getting +# errors such as: +# cp: writing `/tmp/logcheck.y12449/checked': No space left on device +# /usr/sbin/logcheck: line 161: cannot create temp file for here document: No space left on device +# mail: /tmp/mail.RsXXXXpc2eAx: No space left on device +# Null message body; hope that's ok +# +# If this is happening, likely you will want to change the following to be some other +# location, such as /var/tmp + +TMP="/tmp"