Puppet Class: falco::config

Inherits:
falco
Defined in:
manifests/config.pp

Summary

Controls the contents of falco.yaml and sets up log rotate, if needed

Overview

Controls the contents of falco.yaml and sets up log rotate, if needed



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
 
# File 'manifests/config.pp', line 5

class falco::config inherits falco {
  file {
    default:
      ensure  => file,
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      require => Class['falco::install'],
      notify  => Service["falco-${falco::driver}"],
      ;
    '/etc/falco/falco.yaml':
      content => template('falco/falco.yaml.erb'),
      ;
    '/etc/falco/falco_rules.local.yaml':
      content => epp('falco/falco_rules.local.yaml.epp', { 'local_rules' => $falco::local_rules, }),
      ;
  }

  $_file_output = $falco::file_output

  if ($_file_output != undef) and ($_file_output['enabled']) {
    logrotate::rule { 'falco_output':
      path          => $_file_output['filename'],
      rotate        => 5,
      rotate_every  => 'day',
      size          => '1M',
      missingok     => true,
      compress      => true,
      sharedscripts => true,
      postrotate    => '/usr/bin/killall -USR1 falco',
    }
  }
}