Permalink
Browse files

Log the filenames agency users upload to the transition-logs server

- Bump the version of attachmentgenie/ssh to be able to do this,
  under the instruction of @dcarley.
- Add the extra arguments to the `sftp subsystem` line to
  hieradata/common.yml. Thanks to @ajlanghorn and @mattbostock for
  getting me out of a rabbit hole of which file to edit.
- Change the default destination for these new logs from syslog to
  sftp-server.log to avoid cluttering syslog.
  • Loading branch information...
1 parent 2ef7fb0 commit 8028852e5288aa43306926463ece1d922b719a62 @issyl0 issyl0 committed Mar 11, 2014
Showing with 12 additions and 3 deletions.
  1. +1 −1 Puppetfile
  2. +2 −2 Puppetfile.lock
  3. +2 −0 hieradata/common.yaml
  4. +7 −0 modules/cdn_logs/manifests/init.pp
View
@@ -7,7 +7,7 @@ mod 'puppetlabs/stdlib', '~> 4.0'
mod 'saz/dnsmasq', '1.0.1'
mod 'pdxcat/collectd', '~> 0.0'
mod 'attachmentgenie/ufw', '1.1.0'
-mod 'attachmentgenie/ssh', '1.1.1'
+mod 'attachmentgenie/ssh', '1.2.1'
mod 'puppetlabs/apt', '~> 1.3.0'
mod 'puppetlabs/git', '0.0.2'
mod 'puppetlabs/mysql', '0.9.0'
View
@@ -8,7 +8,7 @@ FORGE
specs:
attachmentgenie/locales (1.0.2)
puppetlabs/stdlib (>= 2.2.1)
- attachmentgenie/ssh (1.1.1)
+ attachmentgenie/ssh (1.2.1)
puppetlabs/stdlib (>= 2.2.1)
attachmentgenie/ufw (1.1.0)
puppetlabs/stdlib (>= 2.2.1)
@@ -118,7 +118,7 @@ GIT
DEPENDENCIES
attachmentgenie/locales (= 1.0.2)
- attachmentgenie/ssh (= 1.1.1)
+ attachmentgenie/ssh (= 1.2.1)
attachmentgenie/ufw (= 1.1.0)
clamav (>= 0)
cpanm (>= 0)
View
@@ -101,3 +101,5 @@ cdn_logs::cert: |
YMYXvOaM6iswgdQGA1UdIwSBzDCByYAUCLsht8znHwAgdlpkYMYXvOaM6iuhgaWk
gaIwgZ8xCzAJBgNVBAYTAkdCMQ8wDQYDVQQIEwZMb25kb24xDzANBgNVBAcTBkxv
bmRvbjEjMCEGA1UEChMaR292ZXJubWVudCBEaWdpdGFsIFNlcnZpY2UxJDAiBgNV
+
+ssh::server::subsystem_sftp: /usr/lib/openssh/sftp-server -f LOCAL7 -l VERBOSE
@@ -44,6 +44,13 @@
],
}
+ rsyslog::snippet { 'transition_logs_sftp':
+ content => 'local7.* /var/log/sftp-server.log',
+ require => [
+ Class['ci_environment::transition_logs']
+ ]
+ }
+
ufw::allow { 'rsyslog_cdn_logs':
port => $port,
ip => 'any',

0 comments on commit 8028852

Please sign in to comment.