Skip to content

/ install-script

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add TLS support in Tomcat Script #105

Merged
merged 4 commits into from Nov 6, 2017
+163 −61
Merged

Add TLS support in Tomcat Script #105

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
f520915
Add TLS support in Tomcat Script
Oct 3, 2017
95f82e7
Added systemctl command to check for tomcat service
Oct 26, 2017
69fb261
Merge branch 'master' into TLS-Support-Tomcat
Nov 1, 2017
280bdfa
Merge branch 'master' into TLS-Support-Tomcat
Nov 1, 2017
File filter...
Filter file types
Jump to…
Jump to file
Failed to load files.

Always

Just for now

Next

Add TLS support in Tomcat Script

  • Loading branch information
Ubuntu
Ubuntu committed Oct 3, 2017
commit f520915ba1fcae0624a6184d744a8d5301d5209b
118 Modular Scripts/Tomcat/configure-tomcat.sh
View file
Open in desktop
@@ -49,6 +49,8 @@ LOGGLY_FILE_TAG="tomcat"
#add tags to the logs
TAG=

TLS_SENDING="true"

#this variable will hold the catalina home provide by user.
#this is not a mandatory input
LOGGLY_CATALINA_HOME=
@@ -524,15 +526,107 @@ write21TomcatFileContents()
sudo touch $TOMCAT_SYSLOG_CONFFILE
sudo chmod o+w $TOMCAT_SYSLOG_CONFFILE

imfileStr="\$ModLoad imfile
\$WorkDirectory $RSYSLOG_DIR
"
commonContent="
\$ModLoad imfile
\$WorkDirectory $RSYSLOG_DIR
"
if [[ "$LINUX_DIST" == *"Ubuntu"* ]]; then
imfileStr+="\$PrivDropToGroup adm
commonContent+="\$PrivDropToGroup adm
"
fi

imfileStr=$commonContent"
\$ActionSendStreamDriver gtls
\$ActionSendStreamDriverMode 1
\$ActionSendStreamDriverAuthMode x509/name
\$ActionSendStreamDriverPermittedPeer *.loggly.com
#RsyslogGnuTLS
\$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt
#parameterized token here.......
#Add a tag for tomcat events
\$template LogglyFormatTomcat,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\"
# catalina.out
\$InputFileName $LOGGLY_CATALINA_LOG_HOME/catalina.out
\$InputFileTag catalina-out
\$InputFileStateFile stat-catalina-out
\$InputFileSeverity info
\$InputFilePersistStateInterval 20000
\$InputRunFileMonitor
if \$programname == 'catalina-out' then @@logs-01.loggly.com:6514;LogglyFormatTomcat
if \$programname == 'catalina-out' then ~
# initd.log
\$InputFileName $LOGGLY_CATALINA_LOG_HOME/initd.log
\$InputFileTag initd
\$InputFileStateFile stat-initd
\$InputFileSeverity info
\$InputFilePersistStateInterval 20000
\$InputRunFileMonitor
if \$programname == 'initd' then @@logs-01.loggly.com:6514;LogglyFormatTomcat
if \$programname == 'initd' then ~
"

#if log rotation is enabled i.e. tomcat version is greater than or equal to
#6.0.33.0, then add the following lines to tomcat syslog conf file
if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then
imfileStr+=$commonContent"
# catalina.log
\$InputFileName $LOGGLY_CATALINA_LOG_HOME/catalina.log
\$InputFileTag catalina-log
\$InputFileStateFile stat-catalina-log
\$InputFileSeverity info
\$InputFilePersistStateInterval 20000
\$InputRunFileMonitor
if \$programname == 'catalina-log' then @@logs-01.loggly.com:6514;LogglyFormatTomcat
if \$programname == 'catalina-log' then ~
# host-manager.log
\$InputFileName $LOGGLY_CATALINA_LOG_HOME/host-manager.log
\$InputFileTag host-manager
\$InputFileStateFile stat-host-manager
\$InputFileSeverity info
\$InputFilePersistStateInterval 20000
\$InputRunFileMonitor
if \$programname == 'host-manager' then @@logs-01.loggly.com:6514;LogglyFormatTomcat
if \$programname == 'host-manager' then ~
# localhost.log
\$InputFileName $LOGGLY_CATALINA_LOG_HOME/localhost.log
\$InputFileTag localhost-log
\$InputFileStateFile stat-localhost-log
\$InputFileSeverity info
\$InputFilePersistStateInterval 20000
\$InputRunFileMonitor
if \$programname == 'localhost-log' then @@logs-01.loggly.com:6514;LogglyFormatTomcat
if \$programname == 'localhost-log' then ~
# manager.log
\$InputFileName $LOGGLY_CATALINA_LOG_HOME/manager.log
\$InputFileTag manager
\$InputFileStateFile stat-manager
\$InputFileSeverity info
\$InputFilePersistStateInterval 20000
\$InputRunFileMonitor
if \$programname == 'manager' then @@logs-01.loggly.com:6514;LogglyFormatTomcat
if \$programname == 'manager' then ~
# localhost_access_log.txt
\$InputFileName $LOGGLY_CATALINA_LOG_HOME/localhost_access_log.txt
\$InputFileTag tomcat-access
\$InputFileStateFile stat-tomcat-access
\$InputFileSeverity info
\$InputFilePersistStateInterval 20000
\$InputRunFileMonitor
if \$programname == 'tomcat-access' then @@logs-01.loggly.com:6514;LogglyFormatTomcat
if \$programname == 'tomcat-access' then ~
"
fi

imfileStr+="
imfileStrNonTls=$commonContent"
#parameterized token here.......
#Add a tag for tomcat events
\$template LogglyFormatTomcat,\"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$LOGGLY_AUTH_TOKEN@41058 $TAG] %msg%\n\"
@@ -561,7 +655,7 @@ if \$programname == 'initd' then ~
#if log rotation is enabled i.e. tomcat version is greater than or equal to
#6.0.33.0, then add the following lines to tomcat syslog conf file
if [ $(compareVersions $TOMCAT_VERSION $MIN_TOMCAT_VERSION 4) -ge 0 ]; then
imfileStr+="
imfileStrNonTls+=$commonContent"
# catalina.log
\$InputFileName $LOGGLY_CATALINA_LOG_HOME/catalina.log
\$InputFileTag catalina-log
@@ -614,6 +708,11 @@ if \$programname == 'tomcat-access' then ~
"
fi

if [ $TLS_SENDING == "false" ];
then
imfileStr=$imfileStrNonTls
fi

#change the tomcat-21 file to variable from above and also take the directory of the tomcat log file.
sudo cat << EOIPFW >> $TOMCAT_SYSLOG_CONFFILE
$imfileStr
@@ -787,6 +886,11 @@ while [ "$1" != "" ]; do
-s | --suppress )
SUPPRESS_PROMPT="true"
;;
--insecure )
LOGGLY_TLS_SENDING="false"
TLS_SENDING="false"
LOGGLY_SYSLOG_PORT=514
;;
-h | --help)
usage
exit
@@ -812,4 +916,4 @@ else
usage
fi

########## Get Inputs from User - End ##########
########## Get Inputs from User - End ##########
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.