Set up rsyslog relp listener.

global/overlay/etc/puppet/cosmos-rules.yaml

@@ -97,3 +97,4 @@ internal-sto3-test-rsyslog-1.cert.sunet.se:
     syslog_enable_remote: false
     udp_port: 514
     tcp_port: 514
+    relp_port: 2514

global/overlay/etc/puppet/modules/soc/manifests/rsyslog.pp

@@ -9,6 +9,8 @@ class soc::rsyslog(
   $udp_client = lookup('udp_client', undef, undef, 'any'),
   $tcp_port = lookup(tcp_port, undef, undef, undef),
   $tcp_client = lookup('tcp_client', undef, undef, 'any'),
+  $relp_port = lookup(relp_port, undef, undef, undef)
+  $relp_client = lookup('relp_client', undef, undef, 'any'),
   $traditional_file_format = false,
 ) {
   ensure_resource('package', 'rsyslog', {
@@ -57,7 +59,7 @@ class soc::rsyslog(
       })
   }
 
-  if ($tcp_port or $udp_port) {
+  if ($tcp_port or $udp_port or $relp_port) {
 
     if ($udp_port) {
         sunet::nftables::allow { "allow-syslog-udp-${udp_port}":
@@ -77,6 +79,15 @@ class soc::rsyslog(
         }
     }
 
+    if ($relp_port) {
+        sunet::nftables::allow { "allow-syslog-relp-${relp_port}":
+          from  => $relp_client,
+          to    => 'any',
+          proto => 'tcp',
+          port  => $relp_port
+        }
+    }
+
     file { '/etc/rsyslog.d/50-local.conf':
       ensure  => file,
       mode    => '0644',

global/overlay/etc/puppet/modules/soc/templates/rsyslog/rsyslog-local.conf.erb

@@ -10,3 +10,12 @@ input(type="imudp" port="<%= @udp_port %>")
 module(load="imtcp")
 input(type="imtcp" port="<%= @tcp_port %>")
 <% end -%>
+
+<% if @relp_port -%>
+module(load="imrelp")
+input(
+  type="imrelp" 
+  port="<%= @relp_port %>
+  maxDataSize="10k"
+  oversizeMode="trucate")
+<% end -%>