Ansible Playbook for PaperTrail on Ubuntu

This posts describes how to create a simple Ansible task on how to setup PaperTrail on Ubuntu.

It’s a follow up to a previous blog describing an Ansible Playbook to setup an HAProxy system. This Ansible task can be included in the HAProxy playbook as well as any other playbooks with something like this:

PLAYBOOK: Install papertrail on Ubuntu
- name: scout
  hosts: all
  user: <user-with-sudo>
  sudo: True

    - include: tasks/papertrail.yml

Next, we define the task that includes installing the dependencies rsyslog and libssl-dev. Also we copy a specific rsyslog configuration for papertrail.

# TASK: Papertrail log aggregation

- name: Install dependencies for Papertrail
  apt: pkg=$item state=latest
    - libssl-dev
    - rsyslog-gnutls

- name: Copy rsyslog.conf
  copy: > 
    owner=root group=root mode=0444
  notify: restart rsyslog

And here’s the content of rsyslog.conf:

Next you need to include the papertrail cerfiticate file if you want to encrypt your connection from rsyslog to PaperTrail. The link to the certificate file is here. You also need to tell Ansible to restart rsyslog when it installs this file using the notify keyword.

- name: Papertrail certificate
  copy: >
    owner=root group=root mode=0444    
  notify: restart rsyslog

Here you include the specific papertrail configuration for rsyslog.

- name: Papertrail rsyslog config file
  copy: >
    owner=root group=root mode=0444    
  notify: restart rsyslog

The papertrail.conf file can be seen here:

Optionally you can install the Ruby papertrail remote syslog in case you’d like to send random logs from the machine to PaperTrail.

- name: Install Papertrail remote file logger
  shell: >
    executable=/bin/bash source /etc/profile.d/;
    gem install remote_syslog --no-ri --no-rdoc    

Finally just run it: ansible-playbook -T 120 -i inventory-file papertrail.yml

comments powered by Disqus