fragment.pp

# modules/syslog/manifests/fragment.pp - definition for
# base::iptables::fragments ()
#
# Install or remove a syslog fragment.  Recommented practice is to
# include fragments in the syslog module, but they can be pulled from
# any puppet manifest.  The default is use puppet templates for
# fragments which allows dynamic content without having to define all
# possible substitutions as part of the define.  Some default values
# are provided for example syslog_target defaults to
# logsink.stanford.edu.
#
# Example:
#
#  syslog_target = 'logsink-dev.stanford.edu'
#  base::syslog::fragment { '50-tcp-output.conf': ensure => present }
#
# Example:
#
#  base::syslog::fragment {
#    '90-default-remote.conf':
#      ensure => present;
#    '95-local.conf':
#      ensure => present,
#      source => 'puppet:///modules/s_audit/etc/rsyslog.d/95-local.conf';
#  }

define base::syslog::fragment(
  $ensure,
  $source  = NOSRC,
  $content = NOCONTENT)
{
  $realname = "/etc/rsyslog.d/$name"
  $codename = "syslog::fragment"
  $basetmpl = "base/syslog/etc/rsyslog.d/${name}.erb"

  # Useful default template values
  if $syslog_target {
    $syslog_server = $syslog_target
  } else {
    $syslog_server = 'logsink.stanford.edu'
  }
  
  case $ensure {

    present: {
      case $content {
        'NOCONTENT': {
          if $source == 'NOSRC' {
            # No content and no source then use a default
            # template.
            file { "$realname":
              content => template($basetmpl),
              notify  => Service['syslog'],
            }
          } else {
            # Source was specified
            file { "$realname":
              source => $source,
              notify => Service['syslog'],
            }
          }
        }
        default: {
          if $source == 'NOSRC' {
            # Content was specified, use it.
            file { "$realname":
              content => $content,
              notify  => Service['syslog'],
            }
          } else {
            # Both content and source where specified
            fail "$codename - source or content, not both."
          }
        }
      }
    }

    absent: {
      file { "$realname":
        ensure => absent,
        notify => Service['syslog'],
      }
    }

    default: {
      crit "Invalid ensure value: $ensure"
    }
  }
}