From 2520ebda662d9fcc54de3c1f402b7ecb1c3a05e3 Mon Sep 17 00:00:00 2001
From: Patrik Holmqvist
Date: Thu, 3 Apr 2025 10:13:18 +0200
Subject: [PATCH] Conf logging for new connector, SC-2670
---
 global/overlay/etc/puppet/cosmos-rules.yaml | 2 ++
 .../puppet/modules/eid/manifests/connector.pp | 7 +++++
 .../connector/application-test.yml.erb | 5 ++--
 .../eid/templates/connector/logback.xml.erb | 29 +++++++++++++++++++
 4 files changed, 41 insertions(+), 2 deletions(-)
 create mode 100644 global/overlay/etc/puppet/modules/eid/templates/connector/logback.xml.erb
diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml
index 5e50e724..fc0cbdce 100644
--- a/global/overlay/etc/puppet/cosmos-rules.yaml
+++ b/global/overlay/etc/puppet/cosmos-rules.yaml
@@ -1251,6 +1251,7 @@ connector-qa-sto1-1.komreg.net:
 session_backend: memory
 use_hsm: false
 version: 2.0.4_hsm2_ubuntu
+ syslog_servers: ['log-qa-sto1-1.komreg.net']
 sunet::frontend::register_sites:
 sites:
 'qa.connector.eidas.swedenconnect.se':
@@ -1317,6 +1318,7 @@ testmyeid-qa-sto1-1.komreg.net:
 eid::connector:
 environment: test
 version: 2.0.5_hsm2_ubuntu
+ syslog_servers: ['log-test-sto3-1.komreg.net']
 sunet::redictcluster:
 hostmode: true
 tls: true
diff --git a/global/overlay/etc/puppet/modules/eid/manifests/connector.pp b/global/overlay/etc/puppet/modules/eid/manifests/connector.pp
index 4e5c4243..704a39c8 100644
--- a/global/overlay/etc/puppet/modules/eid/manifests/connector.pp
+++ b/global/overlay/etc/puppet/modules/eid/manifests/connector.pp
@@ -13,6 +13,7 @@ class eid::connector (
 String $server_fqdn = $facts['networking']['fqdn'],
 String $connector_directory = '/opt/eidas-connector',
 Boolean $use_hsm=true,
+ Array[string] $syslog_servers=[],
 ) {
 if $use_hsm {
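Review bot: `Array[string]` in the new parameter uses a lowercase type name, and Puppet data types are capitalised, so this will most likely fail catalog compilation instead of validating the list; it should read `Array[String] $syslog_servers = [],`. Each element ends up verbatim in logback.xml through the template added in this commit, so a narrower element type would be better still, e.g. `Array[Stdlib::Host]` if puppetlabs-stdlib is on the module path (not visible here). The class body continues outside the hunk.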
@@ -42,6 +43,12 @@ class eid::connector ( content => template("eid/connector/application-${environment}.yml.erb") } + # Create the environment specific config file from template + file { "${connector_directory}/logback.xml": + ensure => 'file', + content => template("eid/connector/logback.xml.erb") + } + # If we dont use HSM, we need the keys on disk unless ($use_hsm) { sunet::snippets::secret_file {"${connector_directory}/credentials/connector-${environment}-sign.key": diff --git a/global/overlay/etc/puppet/modules/eid/templates/connector/application-test.yml.erb b/global/overlay/etc/puppet/modules/eid/templates/connector/application-test.yml.erb index 010c3e82..cdc66d32 100644 --- a/global/overlay/etc/puppet/modules/eid/templates/connector/application-test.yml.erb +++ b/global/overlay/etc/puppet/modules/eid/templates/connector/application-test.yml.erb @@ -160,8 +160,8 @@ saml: audit: in-memory: capacity: 1000 - file: - log-file: ${CONNECTOR_DIRECTORY}/logs/audit.log + log-system: + logger-name: "AUDIT" logging: level: @@ -169,3 +169,4 @@ logging: swedenconnect: opensaml: DEBUG eidas: INFO + config: file:${CONNECTOR_DIRECTORY}/logback.xml diff --git a/global/overlay/etc/puppet/modules/eid/templates/connector/logback.xml.erb b/global/overlay/etc/puppet/modules/eid/templates/connector/logback.xml.erb new file mode 100644 index 00000000..2d69107a --- /dev/null +++ b/global/overlay/etc/puppet/modules/eid/templates/connector/logback.xml.erb @@ -0,0 +1,29 @@ + + + + + + + + + +<% @syslog_servers.each do |syslog_server| -%> + + <%= syslog_server %> + 514 + USER + %msg + true + +<% end -%> + + + + + +<% @syslog_servers.each do |syslog_server| -%> + + + +<% end -%> + \ No newline at end of file
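Review bot: The comment on the new `file` resource is copied from the application config resource above it and does not describe logback.xml; something like `# Logback configuration; syslog appenders are generated from $syslog_servers` would say what this file is for. The resource sets no `owner`, `group` or `mode`, so the file gets Puppet's defaults, and nothing in the hunk restarts or reloads the connector when the content changes; whether the rest of the class handles that cannot be seen from here. The file is also written when `$syslog_servers` is empty, which matters for the audit change in application-test.yml.erb.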
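Review bot: Replacing `audit.file` with `audit.log-system` removes the local audit file, so audit events now depend entirely on what logback.xml attaches to the `AUDIT` logger. `syslog_servers` defaults to an empty array, in which case the template loops emit nothing, and a host without that key would seem to keep audit records only in the 1000-entry in-memory store plus whatever the root logger writes. Consider keeping a local audit appender as a fallback, or failing the Puppet run when the list is empty. Only application-test.yml.erb is changed here, while connector.pp installs logback.xml for every environment; the other environment templates are not part of this patch.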
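Review bot: The syslog block looks like logback's stock SyslogAppender (host, port 514, facility USER, suffix pattern `%msg`; the element tags did not survive on this page), which sends over UDP without encryption or delivery acknowledgement. For audit records that means events can be dropped silently or read on the path to the log host, so the template should carry a header comment stating that this traffic is expected to stay on a trusted network segment, or forwarding should go through a local syslog daemon that relays over TLS. `<%= syslog_server %>` is written without XML escaping, which is acceptable only while the parameter type restricts entries to host names. The file also ends without a trailing newline.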