Add journald

docs/README.rst

@@ -19,6 +19,7 @@ Formula to set up and configure systemd including
   * networkd
   * timesyncd
   * resolved
+  * journald
 
 .. contents:: **Table of Contents**
 
@@ -67,6 +68,10 @@ Available states
 
 Installs the systemd packages and libraries.
 
+``systemd.journald``
+^^^^^^^^^^^^^^^^^^^^^
+This state manages systemd-journald configuration
+
 ``systemd.timesyncd``
 ^^^^^^^^^^^^^^^^^^^^^
 This state installs systemd-timesyncd and configures both NTP and timezone

kitchen.yml

@@ -160,6 +160,7 @@ suites:
             - systemd
             - systemd.networkd
             - systemd.networkd.profiles
+            - systemd.journald
             - rsync_test_package
             - systemd.units
       pillars:

pillar.example

@@ -146,3 +146,31 @@ systemd:
               - Path: 'pci-0000:00:1a.0-*'
           - Link:
               - Name: internet0
+
+  ## journald
+  journald:
+    config_source: pillar
+    config:
+      SplitMode: uid
+      SyncIntervalSec: 5m
+      RateLimitIntervalSec: 30s
+      RateLimitBurst: 10000
+      SystemMaxUse: 2g
+      SystemKeepFree: 3g
+      SystemMaxFileSize: 4g
+      SystemMaxFiles: 100
+      RuntimeMaxFiles: 100
+      MaxFileSec: 1month
+      ForwardToSyslog: 'yes'
+      ForwardToKMsg: 'no'
+      ForwardToConsole: 'no'
+      ForwardToWall: 'yes'
+      TTYPath: /dev/console
+      MaxLevelStore: debug
+      MaxLevelSyslog: debug
+      MaxLevelKMsg: notice
+      MaxLevelConsole: info
+      MaxLevelWall: emerg
+      LineMax: 48K
+      ReadKMsg: 'yes'
+      Audit: 'no'

systemd/defaults.yaml

@@ -40,3 +40,10 @@ systemd:
       Cache: 'yes'
       DNSStubListener: 'yes'
       ReadEtcHosts: 'yes'
+
+  journald:
+    config_source: file
+    config:
+      Storage: auto
+      Compress: 'yes'
+      Seal: 'yes'

systemd/journald/config.sls

@@ -0,0 +1,70 @@
+{%- from "systemd/map.jinja" import systemd with context %}
+{%- from "systemd/libtofs.jinja" import files_switch with context -%}
+
+{%- set journald = systemd.get('journald', {}) %}
+{%- set config = journald.get('config', {}) %}
+
+journald:
+  {%- if journald.config_source == 'file' %}
+  file.managed:
+    - name: /etc/systemd/journald.conf
+    - user: root
+    - group: root
+    - mode: 644
+    - template: jinja
+    - source: {{ files_switch(['journald.conf'],
+                              lookup='journald',
+                              use_subpath=True
+                              )
+              }}
+  {%- elif journald.config_source == 'pillar' %}
+  ini.options_present:
+    - name: /etc/systemd/journald.conf
+    - separator: '='
+    - strict: True
+    - sections:
+        Journal:
+          {%- for k, v in config.items() %}
+            {%- if k in [
+              'Audit',
+              'Compress',
+              'ForwardToConsole',
+              'ForwardToKMsg',
+              'ForwardToSyslog',
+              'ForwardToWall',
+              'LineMax',
+              'MaxFileSec',
+              'MaxLevelConsole',
+              'MaxLevelKMsg',
+              'MaxLevelStore',
+              'MaxLevelSyslog',
+              'MaxLevelWall',
+              'MaxRetentionSec',
+              'RateLimitBurst',
+              'RateLimitIntervalSec',
+              'ReadKMsg',
+              'RuntimeKeepFree',
+              'RuntimeMaxFileSize',
+              'RuntimeMaxFiles',
+              'RuntimeMaxUse',
+              'Seal',
+              'SplitMode',
+              'Storage',
+              'SyncIntervalSec',
+              'SystemKeepFree',
+              'SystemMaxFileSize',
+              'SystemMaxFiles',
+              'SystemMaxUse',
+              'TTYPath',
+              ]
+            %}
+          {{ k }}: {{ v | yaml }}
+            {%- endif %}
+          {%- endfor %}
+
+    {%- endif %}
+    - listen_in:
+      - service: journald
+  service.running:
+    - name: systemd-journald
+    - enable: True

systemd/journald/files/default/journald.conf

@@ -0,0 +1,46 @@
+# This file managed by Salt, do not edit by hand!!
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+#
+# Entries in this file show the compile time defaults.
+# You can change settings by editing this file.
+# Defaults can be restored by simply deleting this file.
+#
+# See journald.conf(5) for details.
+
+[Journal]
+#Storage=auto
+#Compress=yes
+#Seal=yes
+#SplitMode=uid
+#SyncIntervalSec=5m
+#RateLimitIntervalSec=30s
+#RateLimitBurst=10000
+#SystemMaxUse=
+#SystemKeepFree=
+#SystemMaxFileSize=
+#SystemMaxFiles=100
+#RuntimeMaxUse=
+#RuntimeKeepFree=
+#RuntimeMaxFileSize=
+#RuntimeMaxFiles=100
+#MaxRetentionSec=
+#MaxFileSec=1month
+#ForwardToSyslog=yes
+#ForwardToKMsg=no
+#ForwardToConsole=no
+#ForwardToWall=yes
+#TTYPath=/dev/console
+#MaxLevelStore=debug
+#MaxLevelSyslog=debug
+#MaxLevelKMsg=notice
+#MaxLevelConsole=info
+#MaxLevelWall=emerg
+#LineMax=48K
+#ReadKMsg=yes
+#Audit=no

systemd/journald/init.sls

@@ -0,0 +1,2 @@
+include:
+  - .config

systemd/resolved/files/default/resolved.conf

@@ -1,3 +1,5 @@
+# This file managed by Salt, do not edit by hand!!
+#
 #  This file is part of systemd.
 #
 #  systemd is free software; you can redistribute it and/or modify it

test/integration/default/controls/journald_spec.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+control 'Systemd Journald' do
+  title 'should match desired lines'
+
+  describe file('/etc/systemd/journald.conf') do
+    its('type') { should eq :file }
+    its('mode') { should cmp '0644' }
+    its('owner') { should eq 'root' }
+    its('group') { should eq 'root' }
+
+    its('content') { should include '[Journal]' }
+    its('content') { should include 'Storage = auto' }
+    its('content') { should include 'Compress = yes' }
+    its('content') { should include 'Seal = yes' }
+    its('content') { should include 'SplitMode = uid' }
+    its('content') { should include 'SyncIntervalSec = 5m' }
+    its('content') { should include 'RateLimitIntervalSec = 30s' }
+    its('content') { should include 'RateLimitBurst = 10000' }
+    its('content') { should include 'SystemMaxUse = 2g' }
+    its('content') { should include 'SystemKeepFree = 3g' }
+    its('content') { should include 'SystemMaxFileSize = 4g' }
+    its('content') { should include 'SystemMaxFiles = 100' }
+    its('content') { should include '#RuntimeMaxUse=' }
+    its('content') { should include '#RuntimeKeepFree=' }
+    its('content') { should include '#RuntimeMaxFileSize=' }
+    its('content') { should include 'RuntimeMaxFiles = 100' }
+    its('content') { should include '#MaxRetentionSec=' }
+    its('content') { should include 'MaxFileSec = 1month' }
+    its('content') { should include 'ForwardToSyslog = yes' }
+    its('content') { should include 'ForwardToKMsg = no' }
+    its('content') { should include 'ForwardToConsole = no' }
+    its('content') { should include 'ForwardToWall = yes' }
+    its('content') { should include 'TTYPath = /dev/console' }
+    its('content') { should include 'MaxLevelStore = debug' }
+    its('content') { should include 'MaxLevelSyslog = debug' }
+    its('content') { should include 'MaxLevelKMsg = notice' }
+    its('content') { should include 'MaxLevelConsole = info' }
+    its('content') { should include 'MaxLevelWall = emerg' }
+    its('content') { should include 'LineMax = 48K' }
+    its('content') { should include 'ReadKMsg = yes' }
+    its('content') { should include 'Audit = no' }
+  end
+
+  describe service('systemd-journald.service') do
+    it { should be_enabled }
+    it { should be_running }
+  end
+end