aboutsummaryrefslogtreecommitdiff
path: root/roles
diff options
context:
space:
mode:
authorJohannes Stoelp <johannes.stoelp@gmail.com>2024-02-13 00:39:32 +0100
committerJohannes Stoelp <johannes.stoelp@gmail.com>2024-02-13 00:39:32 +0100
commiteff60765ee91a900f665b84ae882a6e9158c1192 (patch)
treecb2aca23ea7e4975e8e533478219e8bf324894c7 /roles
parent10386c5e85154f94974b59e0f1c23f4302bde90e (diff)
downloadansible-memzero-eff60765ee91a900f665b84ae882a6e9158c1192.tar.gz
ansible-memzero-eff60765ee91a900f665b84ae882a6e9158c1192.zip
git: add rsyslog
Diffstat (limited to 'roles')
-rw-r--r--roles/git/files/gitolite-cgit/Dockerfile5
-rwxr-xr-xroles/git/files/gitolite-cgit/entrypoint.sh2
-rw-r--r--roles/git/files/gitolite-cgit/etc/rsyslog.conf19
-rw-r--r--roles/git/files/gitolite-cgit/etc/sshd_config2
4 files changed, 27 insertions, 1 deletions
diff --git a/roles/git/files/gitolite-cgit/Dockerfile b/roles/git/files/gitolite-cgit/Dockerfile
index dcaf1a0..e46aa21 100644
--- a/roles/git/files/gitolite-cgit/Dockerfile
+++ b/roles/git/files/gitolite-cgit/Dockerfile
@@ -4,12 +4,15 @@ RUN apk add --update-cache --upgrade --no-cache --purge \
gitolite openssh \
cgit nginx fcgiwrap spawn-fcgi \
py3-markdown py3-pygments \
- curl \
+ rsyslog curl \
&& rm -rf /var/cache/apk
VOLUME /var/lib/git
EXPOSE 22 80
+# -- rsyslogd
+COPY etc/rsyslog.conf /etc
+
# -- sshd
COPY etc/sshd_config /etc/ssh/sshd_config
diff --git a/roles/git/files/gitolite-cgit/entrypoint.sh b/roles/git/files/gitolite-cgit/entrypoint.sh
index 3ad094f..14c16a7 100755
--- a/roles/git/files/gitolite-cgit/entrypoint.sh
+++ b/roles/git/files/gitolite-cgit/entrypoint.sh
@@ -52,5 +52,7 @@ rm -f /etc/nginx/http.d/default.conf
spawn-fcgi -s /run/fcgiwrap.sock -U nginx -- /usr/bin/fcgiwrap
nginx
+rsyslogd
+
# Start sshd non-detached.
/usr/sbin/sshd -D
diff --git a/roles/git/files/gitolite-cgit/etc/rsyslog.conf b/roles/git/files/gitolite-cgit/etc/rsyslog.conf
new file mode 100644
index 0000000..fa25c6a
--- /dev/null
+++ b/roles/git/files/gitolite-cgit/etc/rsyslog.conf
@@ -0,0 +1,19 @@
+$AbortOnUncleanConfig on
+$WorkDirectory /var/lib/rsyslog
+
+$FileOwner root
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+
+## Modules
+
+# Support local system logging.
+module(load="imuxsock")
+
+## Logging Rules
+
+# Write all messages with 'info' severity except 'auth.info' to messages file.
+# The '-' disables buffer flush.
+#*.info;auth.none -/var/log/messages
+auth.* /dev/stdout
diff --git a/roles/git/files/gitolite-cgit/etc/sshd_config b/roles/git/files/gitolite-cgit/etc/sshd_config
index b6da391..b9ab963 100644
--- a/roles/git/files/gitolite-cgit/etc/sshd_config
+++ b/roles/git/files/gitolite-cgit/etc/sshd_config
@@ -12,3 +12,5 @@ PermitEmptyPasswords no
AllowTcpForwarding no
GatewayPorts no
X11Forwarding no
+
+# Logs by default to auth.* syslog facility.