xai-corp.net/provisioning
1
0
Fork 0
Code Issues 9 Releases Activity

update_hosts.yml with motd, login page and rsyslog config

Browse Source
This commit is contained in:
richard
2021-12-22 15:12:51 -05:00
parent ebae058a0b
commit 14f8936790
16 changed files with 589 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -17,3 +17,4 @@ password.txt
!/dockerfiles/services/sslproxy/certs/live/ !/dockerfiles/services/sslproxy/certs/live/
venv/ venv/
.pass

2
ansible-5/ansible.cfg
View File

@@ -3,3 +3,5 @@
inventory = ./inventory.ini inventory = ./inventory.ini
remote_user = ansible remote_user = ansible
roles_path = ./roles roles_path = ./roles
vault_password_file=.pass

57
ansible-5/playbooks/bootstrap.yaml
View File

@@ -5,6 +5,9 @@
gather_facts: false gather_facts: false
# become: true # become: true
vars:
authorized_ssh_keys:
pre_tasks: pre_tasks:
# - raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal) # - raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
- setup: # aka gather_facts - setup: # aka gather_facts
@@ -37,14 +40,58 @@
uid: "1001" uid: "1001"
groups: groups:
- sudo - sudo
# generate_ssh_key: yes
# ssh_keys: - name: Add the user 'richard'
# - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAmJSdmj03d4fnZUuRByevPDNiReEk1fRL+7F9WPCo5zn+r5Oj84HXxd4P03DNXeGSBYmUAnsTqYEGdkjkpSrKfMm9bv8amL7hUC+Mzb+wOmXmyX1cw/SearYCBQRCz1s5p7I9+PO7XWaC0VJ99LUm1Bp4JM149U5X0Y3M2j2XV+0= RSA-1024" become: true
ansible.builtin.user:
name: richard
state: present
shell: /bin/bash
create_home: yes
password: "$6$yNKLUxX0$lxy/jaJI7cKCq5j.KondUalu9r96gUeRR//5qciZ/RX9z9PGSpbU9j7OsxaOzqV5uLeQ9ouIe8quo/2YqKE46/"
uid: "1000"
groups:
- sudo
- name: Add the authorized key for 'ansible' - name: Add the authorized key for 'ansible'
become: true become: true
ansible.posix.authorized_key: ansible.posix.authorized_key:
user: ansible user: ansible
state: present state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAmJSdmj03d4fnZUuRByevPDNiReEk1fRL+7F9WPCo5zn+r5Oj84HXxd4P03DNXeGSBYmUAnsTqYEGdkjkpSrKfMm9bv8amL7hUC+Mzb+wOmXmyX1cw/SearYCBQRCz1s5p7I9+PO7XWaC0VJ99LUm1Bp4JM149U5X0Y3M2j2XV+0= RSA-1024" exclusive: yes
# key: "{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}" key: !vault |
$ANSIBLE_VAULT;1.1;AES256
64646433313163316163633030333230653437336365363433656332323463376233306162316139
6531393536343433653164666162373930393630376564310a393232323031633037313335356432
62323763663334393339366537393931613161323537323030623234633631613030623864663162
3331373335326664310a313233306233373932323138343866623836646132363135653064636635
35616130343963663633623634626434633366393862376562393963343935623236313736656635
39343033306163343337313365393635306364653234343031373432346238366162313864616264
35313263646331303939376232383062323138373535633739393935396434313230613764363536
62346364326130386636353435626162636530353634316234386633613333626266353665356239
34626339333733333530373830623764613136363337653061663436633639346532306663303930
33313638363939373364373739396330666332353232663661373263373036636634323765633032
64346134356161383333313665356463363332613237313032656236303130323936333266333732
39656435356234353262373430633331316265316236386564326364616565666364666535353864
66313031366566396339333338333338386161303130303361396263396562623231313463623864
62666132613033633733336434373161316664626531336363306664373131303937383066363066
636534343631376365633666316534663932
- name: Add the authorized key for 'richard'
become: true
ansible.posix.authorized_key:
user: richard
state: present
# key: "{{ lookup('file', '/home/richard/.ssh/id_rsa.pub') }}"
key: "{{ item }}"
with_file:
- '/home/richard/.ssh/id_rsa.pub'
- name: add ansible to sudoers
become: true
lineinfile:
dest: /etc/sudoers
state: present
regexp: '^ansible ALL='
line: 'ansible ALL=(ALL) NOPASSWD: ALL'
validate: 'visudo -cf %s'

16
ansible-5/playbooks/update_hosts.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
# update the managed host machines
- name: updates
hosts: managed
gather_facts: true
vars:
roles:
- role: common
become: true
- role: rsyslog
become: true
tasks:

163
ansible-5/roles/common/files/motd/cubox.sh Normal file
View File

@@ -0,0 +1,163 @@
#!/bin/bash
#
# 30-sysinfo - generate the system information
# Copyright (c) 2015-2017 Igor Pecovnik
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
THIS_SCRIPT="sysinfo"
MOTD_DISABLE=""
[[ -f /etc/default/armbian-motd ]] && . /etc/default/armbian-motd
for f in $MOTD_DISABLE; do
[[ $f == $THIS_SCRIPT ]] && exit 0
done
# define which hard drive you want to monitor
storage=/dev/sda1
# don't edit below here
function display() {
# $1=name $2=value $3=red_limit $4=minimal_show_limit $5=unit $6=after $7=acs/desc{
# battery red color is opposite, lower number
if [[ "$1" == "Battery" ]]; then local great="<"; else local great=">"; fi
if [[ -n "$2" && "$2" > "0" && (( "${2%.*}" -ge "$4" )) ]]; then
printf "%-14s%s" "$1:"
if awk "BEGIN{exit ! ($2 $great $3)}"; then echo -ne "\e[0;91m $2"; else echo -ne "\e[0;92m $2"; fi
printf "%-1s%s\x1B[0m" "$5"
printf "%-11s%s\t" "$6"
return 1
fi
} # display
function getboardtemp() {
if [ -f /etc/armbianmonitor/datasources/soctemp ]; then
read raw_temp </etc/armbianmonitor/datasources/soctemp
if [ ${raw_temp} -le 200 ]; then
# Allwinner legacy kernels output degree C
board_temp=${raw_temp}
else
# Marvell gets special treatment for whatever reasons
grep -qi Marvell /proc/cpuinfo && \
board_temp=$(( $(awk '{printf("%d",$1/1000)}' <<<${raw_temp}) - 20 )) || \
board_temp=$(awk '{printf("%d",$1/1000)}' <<<${raw_temp})
fi
elif [ -f /etc/armbianmonitor/datasources/pmictemp ]; then
# fallback to PMIC temperature
board_temp=$(awk '{printf("%d",$1/1000)}' </etc/armbianmonitor/datasources/pmictemp)
fi
} # getboardtemp
function batteryinfo() {
# Battery info for Allwinner
mainline_dir="/sys/power/axp_pmu"
legacy_dir="/sys/class/power_supply"
if [[ -e "$mainline_dir" ]]; then
read status_battery_connected < $mainline_dir/battery/connected
if [[ "$status_battery_connected" == "1" ]]; then
read status_battery_charging < $mainline_dir/charger/charging
read status_ac_connect < $mainline_dir/ac/connected
read battery_percent< $mainline_dir/battery/capacity
# dispay charging / percentage
if [[ "$status_ac_connect" == "1" && "$battery_percent" -lt "100" ]]; then
status_battery_text=" charging"
elif [[ "$status_ac_connect" == "1" && "$battery_percent" -eq "100" ]]; then
status_battery_text=" charged"
else
status_battery_text=" discharging"
fi
fi
elif [[ -e "$legacy_dir/battery" ]]; then
if [[ (("$(cat $legacy_dir/battery/voltage_now)" -gt "5" )) ]]; then
status_battery_text=" "$(awk '{print tolower($0)}' < $legacy_dir/battery/status)
read battery_percent <$legacy_dir/battery/capacity
fi
fi
} # batteryinfo
function ambienttemp() {
# read ambient temperature from USB device if available
amb_temp=$(temper -c 2>/dev/null)
case ${amb_temp} in
*"find the USB device"*)
echo ""
;;
*)
amb_temp=$(awk '{print $NF}' <<<$amb_temp | sed 's/C//g')
echo -n "scale=1;${amb_temp}/1" | grep -oE "\-?[[:digit:]]+.[[:digit:]]"
esac
} # ambienttemp
function get_ip_addresses() {
# return up to 2 IPv4 address(es) comma separated
hostname -I | tr " " "\n" | \
grep -E "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$" | \
tail -n2 | sed ':a;N;$!ba;s/\n/,/g'
} # get_ip_addresses
function storage_info() {
# storage info
RootInfo=$(df -h /)
root_usage=$(awk '/\// {print $(NF-1)}' <<<${RootInfo} | sed 's/%//g')
root_total=$(awk '/\// {print $(NF-4)}' <<<${RootInfo})
StorageInfo=$(df -h $storage 2>/dev/null | grep $storage)
if [ -n "${StorageInfo}" ]; then
storage_usage=$(awk '/\// {print $(NF-1)}' <<<${StorageInfo} | sed 's/%//g')
storage_total=$(awk '/\// {print $(NF-4)}' <<<${StorageInfo})
[[ "$storage" == */sd* ]] && hdd_temp=$(hddtemp -u C -nq $storage)
fi
} # storage_info
# query various systems and send some stuff to the background for overall faster execution.
# Works only with ambienttemp and batteryinfo since A20 is slow enough :)
amb_temp=$(ambienttemp &)
ip_address=$(get_ip_addresses &)
batteryinfo
storage_info
getboardtemp
critical_load=$(( 1 + $(grep -c processor /proc/cpuinfo) / 2 ))
# get uptime, logged in users and load in one take
UptimeString=$(uptime | tr -d ',')
time=$(awk -F" " '{print $3" "$4}' <<<"${UptimeString}")
load="$(awk -F"average: " '{print $2}'<<<"${UptimeString}")"
users="$(awk -F" user" '{print $1}'<<<"${UptimeString}")"
case ${time} in
1:*) # 1-2 hours
time=$(awk -F" " '{print $3" hour"}' <<<"${UptimeString}")
;;
*:*) # 2-24 hours
time=$(awk -F" " '{print $3" hours"}' <<<"${UptimeString}")
;;
esac
# memory and swap
mem_info=$(LANG=en_US.UTF-8 free -w 2>/dev/null | grep "^Mem" || LANG=en_US.UTF-8 free | grep "^Mem")
memory_usage=$(awk '{printf("%.0f",(($2-($4+$6+$7))/$2) * 100)}' <<<${mem_info})
memory_total=$(awk '{printf("%d",$2/1024)}' <<<${mem_info})
swap_info=$(LANG=en_US.UTF-8 free -m | grep "^Swap")
swap_usage=$( (awk '/Swap/ { printf("%3.0f", $3/$2*100) }' <<<${swap_info} 2>/dev/null || echo 0) | tr -c -d '[:digit:]')
swap_total=$(awk '{print $(2)}' <<<${swap_info})
# display info
display "System load" "${load%% *}" "${critical_load}" "0" "" "${load#* }"
printf "Up time: \x1B[92m%s\x1B[0m\t\t" "$time"
display "Local users" "${users##* }" "3" "2" ""
echo "" # fixed newline
display "Memory usage" "$memory_usage" "70" "0" " %" " of ${memory_total}MB"
display "Swap usage" "$swap_usage" "10" "0" " %" " of $swap_total""Mb"
printf "IP: "
printf "\x1B[92m%s\x1B[0m" "$ip_address"
echo "" # fixed newline
a=0;b=0;c=0
display "CPU temp" "$board_temp" "45" "0" "°C" "" ; a=$?
display "HDD temp" "$hdd_temp" "45" "0" "°C" "" ; b=$?
display "Ambient temp" "$amb_temp" "40" "0" "°C" "" ; c=$?
(( ($a+$b+$c) >0 )) && echo "" # new line only if some value is displayed
display "Usage of /" "$root_usage" "90" "1" "%" " of $root_total"
display "storage/" "$storage_usage" "90" "1" "%" " of $storage_total"
display "Battery" "$battery_percent" "20" "1" "%" "$status_battery_text"
echo ""
echo ""

2
ansible-5/roles/common/files/motd/hostname.sh Normal file
View File

@@ -0,0 +1,2 @@
#!/bin/bash
figlet $(hostname)

167
ansible-5/roles/common/files/motd/systats.sh Normal file
View File

@@ -0,0 +1,167 @@
#!/bin/bash
#
# 10-sysinfo - generate the system information
# Copyright (c) 2013 Nick Charlton
#
# Authors: Nick Charlton &lt;hello@nickcharlton.net&gt;
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# define which hard drive you want to monitor
storage=/dev/sda1
function display() {
# $1=name $2=value $3=red_limit $4=minimal_show_limit $5=unit $6=after $7=acs/desc{
# battery red color is opposite, lower number
if [[ "$1" == "Battery" ]]; then local great="<"; else local great=">"; fi
if [[ -n "$2" && "$2" > "0" && (( "${2%.*}" -ge "$4" )) ]]; then
printf "%-14s%s" "$1:"
if awk "BEGIN{exit ! ($2 $great $3)}"; then echo -ne "\e[0;91m $2"; else echo -ne "\e[0;92m $2"; fi
printf "%-1s%s\x1B[0m" "$5"
printf "%-11s%s\t" "$6"
return 1
fi
} # display
#function getboardtemp() {
# if [ -f /etc/armbianmonitor/datasources/soctemp ]; then
# read raw_temp </etc/armbianmonitor/datasources/soctemp
# if [ ${raw_temp} -le 200 ]; then
# # Allwinner legacy kernels output degree C
# board_temp=${raw_temp}
# else
# # Marvell gets special treatment for whatever reasons
# grep -qi Marvell /proc/cpuinfo && \
# board_temp=$(( $(awk '{printf("%d",$1/1000)}' <<<${raw_temp}) - 20 )) || \
# board_temp=$(awk '{printf("%d",$1/1000)}' <<<${raw_temp})
# fi
# elif [ -f /etc/armbianmonitor/datasources/pmictemp ]; then
# # fallback to PMIC temperature
# board_temp=$(awk '{printf("%d",$1/1000)}' </etc/armbianmonitor/datasources/pmictemp)
# fi
#} # getboardtemp
#function batteryinfo() {
# # Battery info for Allwinner
# mainline_dir="/sys/power/axp_pmu"
# legacy_dir="/sys/class/power_supply"
# if [[ -e "$mainline_dir" ]]; then
# read status_battery_connected < $mainline_dir/battery/connected
# if [[ "$status_battery_connected" == "1" ]]; then
# read status_battery_charging < $mainline_dir/charger/charging
# read status_ac_connect < $mainline_dir/ac/connected
# read battery_percent< $mainline_dir/battery/capacity
# # dispay charging / percentage
# if [[ "$status_ac_connect" == "1" && "$battery_percent" -lt "100" ]]; then
# status_battery_text=" charging"
# elif [[ "$status_ac_connect" == "1" && "$battery_percent" -eq "100" ]]; then
# status_battery_text=" charged"
# else
# status_battery_text=" discharging"
# fi
# fi
# elif [[ -e "$legacy_dir/battery" ]]; then
# if [[ (("$(cat $legacy_dir/battery/voltage_now)" -gt "5" )) ]]; then
# status_battery_text=" "$(awk '{print tolower($0)}' < $legacy_dir/battery/status)
# read battery_percent <$legacy_dir/battery/capacity
# fi
# fi
#} # batteryinfo
#
#function ambienttemp() {
# # read ambient temperature from USB device if available
# amb_temp=$(temper -c 2>/dev/null)
# case ${amb_temp} in
# *"find the USB device"*)
# echo ""
# ;;
# *)
# amb_temp=$(awk '{print $NF}' <<<$amb_temp | sed 's/C//g')
# echo -n "scale=1;${amb_temp}/1" | grep -oE "\-?[[:digit:]]+.[[:digit:]]"
# esac
#} # ambienttemp
function get_ip_addresses() {
# return up to 2 IPv4 address(es) comma separated
hostname -I | tr " " "\n" | \
grep "192.168." | \
tail -n2 | sed ':a;N;$!ba;s/\n/,/g'
} # get_ip_addresses
ip_address=$(get_ip_addresses &)
## storage
#function storage_info() {
# # storage info
# RootInfo=$(df -h /)
# root_usage=$(awk '/\// {print $(NF-1)}' <<<${RootInfo} | sed 's/%//g')
# root_total=$(awk '/\// {print $(NF-4)}' <<<${RootInfo})
# StorageInfo=$(df -h $storage 2>/dev/null | grep $storage)
# if [ -n "${StorageInfo}" ]; then
# storage_usage=$(awk '/\// {print $(NF-1)}' <<<${StorageInfo} | sed 's/%//g')
# storage_total=$(awk '/\// {print $(NF-4)}' <<<${StorageInfo})
# [[ "$storage" == */sd* ]] && hdd_temp=$(hddtemp -u C -nq $storage)
# fi
#} # storage_info
#storage_info
root_usage=`df -h / | awk '/\// {print $(NF-1)}'`
## System info
date=`date`
UptimeString=$(uptime | tr -d ',')
time=$(awk -F" " '{print $3" "$4}' <<<"${UptimeString}")
load="$(awk -F"average: " '{print $2}'<<<"${UptimeString}")"
users="$(awk -F" user" '{print $1}'<<<"${UptimeString}")"
critical_load=$(( 1 + $(grep -c processor /proc/cpuinfo) / 2 ))
processes=`ps aux | wc -l`
## memory and swap
mem_info=$(LANG=en_US.UTF-8 free -w 2>/dev/null | grep "^Mem" || LANG=en_US.UTF-8 free | grep "^Mem")
memory_usage=$(awk '{printf("%.0f",(($2-($4+$6+$7))/$2) * 100)}' <<<${mem_info})
memory_total=$(awk '{printf("%d",$2/1024)}' <<<${mem_info})
swap_info=$(LANG=en_US.UTF-8 free -m | grep "^Swap")
swap_usage=$( (awk '/Swap/ { printf("%3.0f", $3/$2*100) }' <<<${swap_info} 2>/dev/null || echo 0) | tr -c -d '[:digit:]')
swap_total=$(awk '{print $(2)}' <<<${swap_info})
swap_usage=`free -m | awk '/Swap:/ { printf("%3.1f%%", $3/$2*100) }'`
#batteryinfo
#getboardtemp
# DISPLAY
echo "System information as of: $date"
echo
display "System load" "${load%% *}" "${critical_load}" "0" "" "${load#* }"
printf "Up time: \x1B[92m%s\x1B[0m\t\t" "$time"
echo "" # fixed newline
display "Memory usage" "$memory_usage" "70" "0" " %" " of ${memory_total}MB"
display "Swap usage" "$swap_usage" "10" "0" " %" " of ${swap_total}Mb"
echo ""
display "Usage of /" "$root_usage" "90" "1" "%" " of $root_total"
printf "IP: "
printf "\x1B[92m%s\x1B[0m" "$ip_address"
echo ""
display "Local users" "${users##* }" "3" "0" ""
display "Processes" "${processes##* }" "150" "100" ""
echo ""
#a=0;b=0;c=0
#display "CPU temp" "$board_temp" "45" "0" "°C" "" ; a=$?
#display "HDD temp" "$hdd_temp" "45" "0" "°C" "" ; b=$?
#display "Ambient temp" "$amb_temp" "40" "0" "°C" "" ; c=$?
#(( ($a+$b+$c) >0 )) && echo "" # new line only if some value is displayed

18
ansible-5/roles/common/tasks/apply_updates.yml Normal file
View File

@@ -0,0 +1,18 @@
---
# update packages to latest
- name: run apt updates
apt:
upgrade: dist
update_cache: yes
cache_valid_time: 3600
when: ansible_os_family == "Debian"
- name: check for reboot required
stat:
path: /var/run/reboot-required
register: reboot_required
- name: reboot after updates
reboot:
when: reboot_required.stat.exists

6
ansible-5/roles/common/tasks/main.yml Normal file
View File

@@ -0,0 +1,6 @@
---
# update packages to latest
- include_tasks: apply_updates.yml
- include_tasks: motd.yml

38
ansible-5/roles/common/tasks/motd.yml Normal file
View File

@@ -0,0 +1,38 @@
---
# main tasks for setting up motd dynamic shell header
- debug: var=ansible_nodename
- name: Install required packages
apt:
name: "{{ item }}"
update_cache: yes
cache_valid_time: 3600
state: latest
with_items:
- lsb-release
- figlet
- update-motd
- lm-sensors
when: ansible_architecture != 'armv7l'
- name: remove help text
file:
state: absent
path: "{{ item }}"
with_items:
- /etc/update-motd.d/10-help-text
- /etc/update-motd.d/51-cloudguest
when: ansible_architecture != 'armv7l'
- name: add new info
copy:
src: "{{ item.src }}"
dest: /etc/update-motd.d/{{ item.dest }}
mode: 755
with_items:
- { src: motd/hostname.sh, dest: 10-hostname }
- { src: motd/systats.sh, dest: 11-sysstats}
when: ansible_architecture != 'armv7l'

8
ansible-5/roles/rsyslog/defaults/main.yml Normal file
View File

@@ -0,0 +1,8 @@
---
# default values
rsyslog:
user: root
group: root
service: rsyslog
configs: []

9
ansible-5/roles/rsyslog/handlers/main.yml Normal file
View File

@@ -0,0 +1,9 @@
---
# handlers/main.yml
# define handlers here
- name: restart rsyslog
service: name={{ rsyslog.service }} state=restarted
- name: stop rsyslog
service: name={{ rsyslog.service }} state=stopped

31
ansible-5/roles/rsyslog/tasks/main.yml Normal file
View File

@@ -0,0 +1,31 @@
---
# main tasks for rsyslog config
- debug: var=rsyslog
- name: remove packages
apt:
state: present
name: "{{item}}"
update_cache: yes
cache_valid_time: 86400
with_items:
- rsyslog-gnutls
- name: copy tls certs for papertrail
get_url:
url: https://papertrailapp.com/tools/papertrail-bundle.pem
dest: /etc/papertrail-bundle.pem
force: yes
mode: 0644
- name: copy custom configs
template:
src: "{{ item }}.j2"
dest: /etc/rsyslog.d/{{ item }}.conf
owner: "{{ rsyslog.user }}"
group: "{{ rsyslog.group }}"
mode: 0644
with_items: "{{rsyslog.configs}}"
notify:
- restart rsyslog

7
ansible-5/roles/rsyslog/templates/48-ship2papertrail.j2 Normal file
View File

@@ -0,0 +1,7 @@
$DefaultNetstreamDriverCAFile /etc/papertrail-bundle.pem # trust these CAs
$ActionSendStreamDriver gtls # use gtls netstream driver
$ActionSendStreamDriverMode 1 # require TLS
$ActionSendStreamDriverAuthMode x509/name # authenticate by hostname
$ActionSendStreamDriverPermittedPeer *.papertrailapp.com
*.* @@logs6.papertrailapp.com:38577

1
ansible-5/roles/rsyslog/templates/49-shiptograylog.j2 Normal file
View File

@@ -0,0 +1 @@
*.* @logs.xai-corp.net:31514

68
ansible-5/roles/rsyslog/templates/50-default.conf Normal file
View File

@@ -0,0 +1,68 @@
# Default rules for rsyslog.
#
# For more information see rsyslog.conf(5) and /etc/rsyslog.conf
#
# First some standard log files. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
#daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
#lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
#user.* -/var/log/user.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
#mail.info -/var/log/mail.info
#mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
#
# Logging for INN news system.
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Some "catch-all" log files.
#
#*.=debug;\
# auth,authpriv.none;\
# news.none;mail.none -/var/log/debug
#*.=info;*.=notice;*.=warn;\
# auth,authpriv.none;\
# cron,daemon.none;\
# mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg :omusrmsg:*
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\
news.err;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole