Support RELP without TLS (there are bugs).
This commit is contained in:
parent
798e5a3395
commit
9877d604dc
|
@ -7,7 +7,7 @@ rsyslog_enable_remote_tcp: 'disabled'
|
|||
rsyslog_tcp_port: 514
|
||||
|
||||
rsyslog_remote_path: /var/log/remote
|
||||
# RELP, actually. Plain TLS is unreliable
|
||||
rsyslog_relp_enabled: False
|
||||
rsyslog_tls_status: 'disabled'
|
||||
rsyslog_tls_deb_pkgs:
|
||||
- 'rsyslog-gnutls'
|
||||
|
|
|
@ -2,16 +2,20 @@
|
|||
#
|
||||
# The order counts
|
||||
#
|
||||
{% if rsyslog_tls_status != 'disabled ' %}
|
||||
{% if rsyslog_relp_enabled %}
|
||||
module(load="imuxsock")
|
||||
module(load="imrelp" ruleset="relp")
|
||||
input(type="imrelp" port="{{ rsyslog_relp_port }}"
|
||||
{% if rsyslog_tls_status != 'disabled ' %}
|
||||
tls="on"
|
||||
tls.caCert="{{ rsyslog_tls_ca }}"
|
||||
tls.myCert="{{ rsyslog_tls_cert }}"
|
||||
tls.myPrivKey="{{ rsyslog_tls_key }}"
|
||||
#tls.authMode="name"
|
||||
#tls.permittedpeer=["client1","client2","client3"] )
|
||||
{% else %}
|
||||
tls="off"
|
||||
{% endif %}
|
||||
)
|
||||
template (name="remote" type="string" string="{{ rsyslog_remote_path }}/%HOSTNAME%/%HOSTNAME%-syslog.log")
|
||||
ruleset (name="relp") { action(type="omfile" DynaFile="remote") }
|
||||
|
|
|
@ -4,6 +4,6 @@
|
|||
# We use RELP
|
||||
module(load="imuxsock")
|
||||
module(load="omrelp")
|
||||
action(type="omrelp" target="{{ rsyslog_remote_collector }}" port="{{ rsyslog_relp_port }}" tls="on" tls.caCert="{{ rsyslog_tls_ca }}" )
|
||||
action(type="omrelp" target="{{ rsyslog_remote_collector }}" port="{{ rsyslog_relp_port }}"{% if rsyslog_tls_status != 'disabled ' %} tls="on" tls.caCert="{{ rsyslog_tls_ca }}"{% else %} tls="off"{% endif %} )
|
||||
#
|
||||
{% endif %}
|
||||
|
|
Loading…
Reference in New Issue