FreifunkHochstift
/
ffho-salt-public


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596
							#
# graylog
#

{% set graylog_config = salt['pillar.get']('logging:graylog') %}
{% set mongodb_version = '5.0' %}
{% include '../mongodb/init.sls' %}

include:
  - elasticsearch

graylog-repo:
# add Graylog Repo
  pkgrepo.managed:
    - humanname: Graylog Repo
    - name: deb https://packages.graylog2.org/repo/debian/ stable 5.0
    - file: /etc/apt/sources.list.d/graylog.list
    - key_url: https://packages.graylog2.org/repo/debian/keyring.gpg

# install graylog
graylog-server:
  pkg.installed:
    - pkgs:
      - graylog-server
      - python3-ldap
      - ca-certificates-java
    - require:
      - pkgrepo: graylog-repo
      - service: mongodb
      - service: elasticsearch
  service.running:
    - enable: True
    - require:
      - pkg: graylog-server
      - file: /etc/graylog/server/server.conf
    - watch:
      - file: /etc/graylog/server/server.conf

/etc/graylog/server/server.conf:
  file.managed:
    - source: salt://graylog/server.conf.tmpl
    - template: jinja
    - context: 
      graylog_config: {{ graylog_config }}
    - require:
      - pkg: graylog-server

/etc/default/graylog-server:
  file.managed:
    - source: salt://graylog/default-graylog-server
    - mode: 644
    - require:
      - pkg: graylog-server

# Default connection config for graylog api scripts
/etc/graylog-api-scripts.conf:
  file.managed:
    - source: salt://graylog/graylog-api-scripts.conf.tmpl
    - mode: 600
    - template: jinja
    - context:
      graylog_config: {{ graylog_config }}

# Install cronjob and notification script
/etc/cron.d/graylog-system-notifications:
  file.managed:
    - source: salt://graylog/graylog-system-notifications.cron

/usr/local/sbin/graylog-system-notifications:
  file.managed:
    - source: salt://graylog/graylog-system-notifications
    - mode: 700
    - template: jinja
    - context:
      graylog_config: {{ graylog_config }}

# Install cronjob, group mapping script and config files
/etc/graylog-group-mapping.conf:
  file.managed:
    - source: salt://graylog/graylog-group-mapping.conf.tmpl
    - mode: 600
    - template: jinja
    - context:
      graylog_config: {{ graylog_config }}

/etc/cron.d/graylog-group-mapping:
  file.managed:
    - source: salt://graylog/graylog-group-mapping.cron

/usr/local/sbin/graylog-group-mapping:
  file.managed:
    - source: salt://graylog/graylog-group-mapping
    - mode: 700
    - template: jinja
    - context:
      graylog_config: {{ graylog_config }}