roles/graylog: Add Graylog server deployment
The *graylog* role installs Graylog from the *graylog2.org* Yum repository and manages basic server configuration. It augments the default systemd unit to provide the `CAP_NET_BIND_SERVICE` capability to the Graylog server process via ambient capabilities, thereby allowing the server to bind to the privileged Syslog UDP port.
This commit is contained in:
12
roles/graylog/templates/graylog-server.sysconfig.j2
Normal file
12
roles/graylog/templates/graylog-server.sysconfig.j2
Normal file
@@ -0,0 +1,12 @@
|
||||
# Path to the java executable.
|
||||
JAVA=/usr/bin/java
|
||||
|
||||
# Default Java options for heap and garbage collection.
|
||||
GRAYLOG_SERVER_JAVA_OPTS="-Xms{{ graylog_memory }} -Xmx{{graylog_memory }} -XX:NewRatio=1 -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow -Djavax.net.ssl.trustStore=/etc/pki/ca-trust/extracted/java/cacerts"
|
||||
|
||||
# Pass some extra args to graylog-server. (i.e. "-d" to enable debug mode)
|
||||
GRAYLOG_SERVER_ARGS=""
|
||||
|
||||
# Program that will be used to wrap the graylog-server command. Useful to
|
||||
# support programs like authbind.
|
||||
GRAYLOG_COMMAND_WRAPPER=""
|
||||
Reference in New Issue
Block a user