Docker RSyslog with RELP module support (https://github.com/gynter/docker-rsyslog-relp)
A generic Docker image for RSyslog with RELP module support . This image is designed to run securely on non-systemd (i.e Alpine) containers as unprivileged user (UID/GID 1000)
See https://github.com/gynter/rsyslog-docker-compose-example for deployment example using Docker Compose.
/etc/rsyslog.conf- Main rsyslogd configuration file, can be overwritten by a bind mount;/etc/rsyslog.d/- Extra rsyslogd configuration files, can be mounted as a volume. Files must have*.confextension to be loaded by rsyslogd;/srv/rsyslog/- rsyslogd working directory, PID file will be also created there. It's recommended to mount this directory as a volume if there's a need to persist working files (i.e when using queue files to store data on file system);/logs/- A directory for storing log files. Should be mounted as a volume./etc/pki/rsyslog/- PKI files (CA certificate, server certificate and key) for rsyslogd. Must be mounted as a volume or bind mount. File names are defined in13-listen-relp-tls.confas follows:ca.pem- PEM format x509 root or intermediate CA from which TLS certs are issued from;cert.pem- PEM format x509 certificate for server;key.pem- Private key corresponding to server certificate.
RSYSLOG_TLS_PERMITTED_PEER- List of permitted peer's as defined in TLS.PermittedPeer. Domain names must correspond to x509 certificate SAN extension DNS Name value.
It's not possible to use list format ["peer1_name", "peer2_name"] for RSYSLOG_TLS_PERMITTED_PEER. It might be
due to rsyslogd-s failure to expand environment variables correctly if those contain special characters. This needs
further analysis.
Parts of RSyslog official documentation were used in configuration file comments, therefore the license is same as
RSyslog documentation, Apache License Version 2.0. The copy of the license can be found in file LICENSE.