This posts describes how to create a simple Ansible task on how to setup PaperTrail on Ubuntu.
It’s a follow up to a previous
blog
describing an Ansible Playbook to setup an HAProxy system. This Ansible task can
be included in the HAProxy playbook as well as any other playbooks with something
like this:
---
PLAYBOOK: Install papertrail on Ubuntu
---
- name: scout
hosts: all
user: <user-with-sudo>
sudo: True
tasks:
- include: tasks/papertrail.yml
Next, we define the task that includes installing the dependencies
rsyslog and libssl-dev. Also we copy a specific rsyslog configuration
for papertrail.
---
# TASK: Papertrail log aggregation
- name: Install dependencies for Papertrail
apt: pkg=$item state=latest
with_items:
- libssl-dev
- rsyslog-gnutls
- name: Copy rsyslog.conf
copy: >
src=files/rsyslog.conf
dest=/etc/rsyslog.conf
owner=root group=root mode=0444
notify: restart rsyslog
And here’s the content of rsyslog.conf:
Next you need to include the papertrail cerfiticate file if you want
to encrypt your connection from rsyslog to PaperTrail.
The link to the certificate file is
here.
You also need to tell Ansible to restart rsyslog when it installs
this file using the notify keyword.
- name: Papertrail certificate
copy: >
src=files/syslog.papertrail.crt
dest=/etc/syslog.papertrail.crt
owner=root group=root mode=0444
notify: restart rsyslog
Here you include the specific papertrail configuration for rsyslog.
- name: Papertrail rsyslog config file
copy: >
src=files/papertrail.conf
dest=/etc/rsyslog.d/70-papertrail.conf
owner=root group=root mode=0444
notify: restart rsyslog
The papertrail.conf file can be seen here:
Optionally you can install the Ruby papertrail remote syslog in case you’d like to send random logs from the machine to PaperTrail.
- name: Install Papertrail remote file logger
shell: >
executable=/bin/bash source /etc/profile.d/rvm.sh;
gem install remote_syslog --no-ri --no-rdoc
Finally just run it: ansible-playbook -T 120 -i inventory-file papertrail.yml