# rsyslog
class soc::rsyslog::server(
  $daily_rotation = true,
  $syslog_servers = lookup(syslog_servers, undef, undef, []),
  $gelf_graylog_servers = lookup(gelf_graylog_servers, undef, undef, []),
  $relp_syslog_servers = lookup(relp_syslog_servers, undef, undef, []),
  $syslog_enable_remote = lookup('syslog_enable_remote', undef, undef, 'true'),
  $udp_port = lookup(udp_port, undef, undef, undef),
  $udp_client = lookup('udp_client', undef, undef, 'any'),
  $tcp_port = lookup(tcp_port, undef, undef, undef),
  $tcp_client = lookup('tcp_client', undef, undef, 'any'),
  $relp_port = lookup(relp_port, undef, undef, '2514'),
  $relp_client = lookup('relp_client', undef, undef, 'any'),
  $traditional_file_format = false,
  $hostgroups = $facts['configured_hosts_in_cosmos'],
) {
  # Install rsyslog packages
  [ 'rsyslog', 'rsyslog-relp', 'rsyslog-openssl' ].each |String $package| {
    package { $package:
      ensure => latest,
    }
  }

  $do_remote = str2bool($syslog_enable_remote)

  file {
    '/var/log/remote':
      ensure => directory,
      ;
    '/etc/rsyslog.conf':
      ensure  => file,
      mode    => '0644',
      content => template('soc/rsyslog/rsyslog.conf.erb'),
      require => Package['rsyslog'],
      notify  => Service['rsyslog'],
      ;
    '/etc/rsyslog.d/99-default.conf':
      ensure  => file,
      mode    => '0644',
      content => template('soc/rsyslog/rsyslog-default.conf.erb'),
      require => Package['rsyslog'],
      notify  => Service['rsyslog'],
      ;
    '/etc/rsyslog.d/10-remote.conf':
      ensure  => file,
      mode    => '0644',
      content => template('soc/rsyslog/rsyslog-remote.conf.erb'),
      require => Package['rsyslog'],
      ;
  }

  service { 'rsyslog':
    ensure    => 'running',
    enable    => true,
    subscribe => File['/etc/rsyslog.d/10-remote.conf'],
  }

  if ($tcp_port or $udp_port or $relp_port) {
    if ($udp_port) {
        sunet::nftables::allow { "allow-syslog-udp-${udp_port}":
          from  => $udp_client,
          to    => 'any',
          proto => 'udp',
          port  => $udp_port
        }
    }
    if ($tcp_port) {
        sunet::nftables::allow { "allow-syslog-tcp-${tcp_port}":
          from  => $tcp_client,
          to    => 'any',
          proto => 'tcp',
          port  => $tcp_port
        }
    }
    file { '/etc/rsyslog.d/50-local.conf':
      ensure  => file,
      mode    => '0644',
      content => template('soc/rsyslog/rsyslog-local.conf.erb'),
      require => Package['rsyslog'],
      notify  => Service['rsyslog']
    }
  }

  if ($daily_rotation == true)
  {
    file { '/etc/logrotate.d/rsyslog':
      ensure  => file,
      mode    => '0644',
      content => template('soc/rsyslog/rsyslog.logrotate.erb'),
    }
  }

  if 'all' in $hostgroups {
    $hostgroups['all'].each |String $hostname| {
      $ip_list = dnsLookup($hostname)
      $ip_list.each |String $ip| {
        sunet::nftables::allow { "allow-rsyslog-relp-${ip}":
          from => $ip,
          port => $relp_port,
        }
      }
    }
  }
}