From 029ffc1c3c3239392ff708254266a150ab21856d Mon Sep 17 00:00:00 2001
From: Bill Glick <bglick@illinois.edu>
Date: Mon, 2 Dec 2024 16:18:55 -0600
Subject: [PATCH] SVCPLAN-6652: Add syslog class to track specific GitLab logs
 via syslog

---
 REFERENCE.md                | 13 +++++++++++
 manifests/init.pp           |  1 +
 manifests/syslog.pp         | 43 +++++++++++++++++++++++++++++++++++++
 spec/classes/syslog_spec.rb | 13 +++++++++++
 4 files changed, 70 insertions(+)
 create mode 100644 manifests/syslog.pp
 create mode 100644 spec/classes/syslog_spec.rb

diff --git a/REFERENCE.md b/REFERENCE.md
index 9302454..22c7862 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -10,6 +10,7 @@
 * [`profile_gitlab::backup`](#profile_gitlab--backup): Configure GitLab backups
 * [`profile_gitlab::firewall`](#profile_gitlab--firewall): Open GitLab ports in the firewall
 * [`profile_gitlab::ssh`](#profile_gitlab--ssh): Configure ssh access to GitLab for git clients
+* [`profile_gitlab::syslog`](#profile_gitlab--syslog): Configure syslog related to GitLab
 
 ## Classes
 
@@ -118,3 +119,15 @@ Data type: `Array[String]`
 
 List of subnets allowed SSH access
 
+### <a name="profile_gitlab--syslog"></a>`profile_gitlab::syslog`
+
+Configure syslog related to GitLab
+
+#### Examples
+
+##### 
+
+```puppet
+include profile_gitlab::syslog
+```
+
diff --git a/manifests/init.pp b/manifests/init.pp
index 8af8a6d..8af7c6b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -7,4 +7,5 @@
   include profile_gitlab::backup
   include profile_gitlab::firewall
   include profile_gitlab::ssh
+  include profile_gitlab::syslog
 }
diff --git a/manifests/syslog.pp b/manifests/syslog.pp
new file mode 100644
index 0000000..a6a6109
--- /dev/null
+++ b/manifests/syslog.pp
@@ -0,0 +1,43 @@
+# @summary Configure syslog related to GitLab
+#
+# @example
+#   include profile_gitlab::syslog
+class profile_gitlab::syslog {
+  include rsyslog
+
+  $rsyslog_default_params = {
+    target   => '75_gitlab.conf',
+    confdir  => $rsyslog::confdir,
+  }
+
+  # Define the rsyslog module
+  rsyslog::component::module { 'imfile':
+    priority => $rsyslog::module_load_priority,
+    *        => $rsyslog_default_params,
+  }
+
+  # Define the rsyslog inputs
+  rsyslog::component::input { 'gitlab-access':
+    config   => {
+      facility => 'local0',
+      file     => '/var/log/gitlab/nginx/gitlab_access.log',
+      severity => 'info',
+      tag      => 'gitlab-access',
+    },
+    priority => $rsyslog::input_priority,
+    type     => 'imfile',
+    *        => $rsyslog_default_params,
+  }
+
+  rsyslog::component::input { 'gitlab-shell':
+    config   => {
+      facility => 'local0',
+      file     => '/var/log/gitlab/gitlab-shell/gitlab-shell.log',
+      severity => 'info',
+      tag      => 'gitlab-shell',
+    },
+    priority => $rsyslog::input_priority,
+    type     => 'imfile',
+    *        => $rsyslog_default_params,
+  }
+}
diff --git a/spec/classes/syslog_spec.rb b/spec/classes/syslog_spec.rb
new file mode 100644
index 0000000..e0f6159
--- /dev/null
+++ b/spec/classes/syslog_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'profile_gitlab::syslog' do
+  on_supported_os.each do |os, os_facts|
+    context "on #{os}" do
+      let(:facts) { os_facts }
+
+      it { is_expected.to compile.with_all_deps }
+    end
+  end
+end