42 lines
1.2 KiB
Bash
Executable File
42 lines
1.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# Install rsyslog config that ships mail-stack logs to a remote ELK syslog input.
|
|
# Run as root: sudo ./install.sh <ELK_HOST> [<ELK_PORT>] [tcp|udp]
|
|
set -euo pipefail
|
|
|
|
ELK_HOST="${1:-${ELK_HOST:-logstash.internal}}"
|
|
ELK_PORT="${2:-${ELK_PORT:-5140}}"
|
|
PROTO="${3:-tcp}"
|
|
|
|
HERE="$(cd "$(dirname "$0")" && pwd)"
|
|
|
|
PROTO_PREFIX='@@'
|
|
[ "$PROTO" = "udp" ] && PROTO_PREFIX='@'
|
|
|
|
sed \
|
|
-e "s|target=\"logstash.internal\"|target=\"$ELK_HOST\"|" \
|
|
-e "s|port=\"5140\"|port=\"$ELK_PORT\"|" \
|
|
-e "s|protocol=\"tcp\"|protocol=\"$PROTO\"|" \
|
|
"$HERE/49-mail-stack.conf" > /etc/rsyslog.d/49-mail-stack.conf
|
|
|
|
mkdir -p /var/spool/rsyslog
|
|
chown syslog:adm /var/spool/rsyslog 2>/dev/null || chown root:adm /var/spool/rsyslog
|
|
|
|
# Make sure rsyslog can read mail-stack logs.
|
|
if [ -d /etc/logrotate.d ]; then
|
|
cat > /etc/logrotate.d/mail-stack <<'EOF'
|
|
/var/log/mail-flask.log /var/log/mail-dramatiq.log /var/log/mail-backup.log {
|
|
daily
|
|
rotate 30
|
|
missingok
|
|
notifempty
|
|
compress
|
|
delaycompress
|
|
copytruncate
|
|
}
|
|
EOF
|
|
fi
|
|
|
|
systemctl restart rsyslog
|
|
echo "rsyslog: shipping mail-stack → $ELK_HOST:$ELK_PORT ($PROTO)"
|
|
systemctl --no-pager status rsyslog | head -10
|