Puppet Class: icingaweb2::module::audit

Defined in:
manifests/module/audit.pp

Summary

Installs and enables the audit module.

Overview

Note:

If you want to use ‘git` as `install_method`, the CLI `git` command has to be installed.

Examples:

class { 'icingaweb2::module::audit':
  git_revision => 'v1.0.2',
  log_type     => 'syslog',
  log_facility => 'authpriv',
}

Parameters:

  • ensure (Enum['absent', 'present'])

    Enable or disable module.

  • module_dir (Stdlib::Absolutepath) (defaults to: "${icingaweb2::globals::default_module_path}/audit")

    Target directory of the module.

  • git_repository (Stdlib::HTTPUrl)

    Set a git repository URL.

  • git_revision (Optional[String[1]]) (defaults to: undef)

    Set either a branch or a tag name, eg. ‘master` or `v1.0.2`.

  • install_method (Enum['git', 'none', 'package'])

    Install methods are ‘git`, `package` and `none` is supported as installation method.

  • package_name (String[1])

    Package name of the module. This setting is only valid in combination with the installation method ‘package`.

  • log_type (Enum['file', 'syslog', 'none'])

    Logging type to use.

  • log_file (Optional[Stdlib::Absolutepath]) (defaults to: undef)

    Location of the log file. Only valid if ‘log_type` is set to `file`.

  • log_ident (Optional[String]) (defaults to: undef)

    Logging prefix ident. Only valid if ‘log_type` is set to `syslog`.

  • log_facility (Variant[ Enum['auth', 'user', 'authpriv'], Pattern[/^local[0-7]$/] ])

    Facility to log to. Only valid if ‘log_type` is set to `syslog`.

  • stream_format (Enum['json', 'none'])

    Set to ‘json` to stream in JSON format. Disabled by setting to `none`.

  • stream_file (Optional[Stdlib::Absolutepath]) (defaults to: undef)

    Path to the stream destination.



49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
 
# File 'manifests/module/audit.pp', line 49

class icingaweb2::module::audit (
  Enum['absent', 'present']      $ensure,
  Stdlib::HTTPUrl                $git_repository,
  Enum['git', 'none', 'package'] $install_method,
  String[1]                      $package_name,
  Enum['file', 'syslog', 'none'] $log_type,
  Variant[
    Enum['auth', 'user', 'authpriv'],
    Pattern[/^local[0-7]$/]
  ]                              $log_facility,
  Enum['json', 'none']           $stream_format,
  Optional[Stdlib::Absolutepath] $stream_file  = undef,
  Optional[Stdlib::Absolutepath] $log_file     = undef,
  Optional[String]               $log_ident    = undef,
  Stdlib::Absolutepath           $module_dir   = "${icingaweb2::globals::default_module_path}/audit",
  Optional[String[1]]            $git_revision = undef,
) {
  require icingaweb2

  $conf_dir        = $icingaweb2::globals::conf_dir
  $module_conf_dir = "${conf_dir}/modules/audit"

  case $log_type {
    'file': {
      $log_settings = {
        'type' => 'file',
        'path' => $log_file,
      }
    }
    'syslog': {
      $log_settings = {
        'type'     => 'syslog',
        'ident'    => $log_ident,
        'facility' => $log_facility,
      }
    }
    default: {
      $log_settings = { 'type' => 'none', }
    }
  }

  $settings = {
    'icingaweb2-module-audit-log' => {
      'section_name' => 'log',
      'target'       => "${module_conf_dir}/config.ini",
      'settings'     => delete_undef_values($log_settings),
    },
    'icingaweb2-module-audit-stream' => {
      'section_name' => 'stream',
      'target'       => "${module_conf_dir}/config.ini",
      'settings'     => delete_undef_values({
          'format' => $stream_format,
          'path'   => $stream_file,
      }),
    },
  }

  icingaweb2::module { 'audit':
    ensure         => $ensure,
    git_repository => $git_repository,
    git_revision   => $git_revision,
    install_method => $install_method,
    module_dir     => $module_dir,
    package_name   => $package_name,
    settings       => $settings,
  }
}