common: Add syslog-ng and logrotate

journal logs are nice and all, but they are comparatively large and
(mostly) uncompressed. This way we at can at least maintain logs for a
reasonable time frame to investigate issues even if the journal decided
that it has to clean up "old" logs.

The logrotate config uses an archive directory to rotate logs to for
stricter permissions on old logs to increase data protection (EU GDPR).
Signed-off-by: Florian Pritz <bluewind@xinu.at>

roles/common/handlers/main.yml

@@ -8,3 +8,6 @@
 
 - name: systemd daemon-reload
   command: systemctl daemon-reload
+
+- name: restart syslog-ng
+  service: name=syslog-ng@default state=restarted

roles/common/tasks/main.yml

@@ -77,11 +77,36 @@
   notify:
     - restarted journald
 
+- name: install syslog-ng
+  pacman: name=syslog-ng state=present
+
+- name: configure syslog-ng
+  template: src=syslog-ng.conf.j2 dest=/etc/syslog-ng/syslog-ng.conf owner=root group=root mode=0600
+  notify:
+    - restart syslog-ng
+
+- name: configure syslog-ng default config
+  template: src=syslog-ng@default.j2 dest=/etc/default/syslog-ng@default owner=root group=root mode=0644
+  notify:
+    - restart syslog-ng
+
+- name: start syslog-ng
+  service: name=syslog-ng@default state=started enabled=yes
+
 - name: install system.conf
   template: src=system.conf.j2 dest=/etc/systemd/system.conf owner=root group=root mode=0644
   notify:
     - systemd daemon-reload
 
+- name: install logrotate
+  pacman: name=logrotate state=present
+
+- name: configure logrotate
+  template: src=logrotate.conf.j2 dest=/etc/logrotate.conf owner=root group=root mode=0644
+
+- name: enable logrotate timer
+  service: name=logrotate.timer state=started enabled=yes
+
 - name: create zsh directory
   file: path=/root/.zsh state=directory owner=root group=root mode=0700
 

roles/common/templates/logrotate.conf.j2

+# see "man logrotate" for details
+# rotate log files weekly
+daily
+
+# keep 30 days worth of backlogs
+rotate 30
+
+# restrict maximum size of log files
+size 200M
+
+# create new (empty) log files after rotating old ones
+create
+
+# uncomment this if you want your log files compressed
+compress
+
+# Ignore pacman saved files
+tabooext + .pacorig .pacnew .pacsave
+
+# Arch packages drop log rotation information into this directory
+include /etc/logrotate.d
+
+/var/log/wtmp {
+    monthly
+    create 0664 root utmp
+    minsize 1M
+    rotate 1
+}
+
+/var/log/btmp {
+    missingok
+    monthly
+    create 0600 root utmp
+    rotate 1
+}
+

roles/common/templates/syslog-ng.conf.j2

+@version: 3.17
+@include "scl.conf"
+#
+# /etc/syslog-ng/syslog-ng.conf
+#
+
+options {
+  stats_freq (0);
+  flush_lines (0);
+  time_reopen (10);
+  log_fifo_size (10000);
+  chain_hostnames (off);
+  use_dns (no);
+  use_fqdn (no);
+  create_dirs (no);
+  keep_hostname (yes);
+  perm(0640);
+  group("log");
+};
+
+source src {
+  system();
+  internal();
+};
+
+destination d_everything { file("/var/log/everything.log"); };
+
+log { source(src); destination(d_everything); };
+

roles/common/templates/syslog-ng@default.j2

+CONFIG_FILE=/etc/syslog-ng/syslog-ng.conf
+PERSIST_FILE=/var/lib/syslog-ng/syslog-ng.persist
+CONTROL_FILE=/var/lib/syslog-ng/syslog-ng.ctl
+PID_FILE=/run/syslog-ng.pid
+OTHER_OPTIONS="--enable-core"