From 93e97cec0a9aa6b0247a0ed43a861d33992a54d5 Mon Sep 17 00:00:00 2001
From: Pieter van der Meulen
Date: Wed, 14 May 2025 09:58:18 +0200
Subject: [PATCH] Add logrotate configuraton for stepup-authentication.log
---
 roles/rsyslog/tasks/process_auth_logs.yml | 12 +++++++++++-
 .../logrotate_stepup_authentication.j2 | 17 +++++++++++++++++
 2 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 roles/rsyslog/templates/logrotate_stepup_authentication.j2
diff --git a/roles/rsyslog/tasks/process_auth_logs.yml b/roles/rsyslog/tasks/process_auth_logs.yml
index 8754ce2c3..7be776cf0 100644
--- a/roles/rsyslog/tasks/process_auth_logs.yml
+++ b/roles/rsyslog/tasks/process_auth_logs.yml
@@ -81,7 +81,7 @@
 with_items: "{{ rsyslog_environments }}"
 when: item.db_loglogins_name is defined

-- name: Put log_logins logrotate scripts
+- name: Put log_logins logrotate scripts for ebauth
 template:
 src: logrotate_ebauth.j2
 dest: /etc/logrotate.d/logrotate_ebauth_{{ item.name }}
@@ -91,6 +91,16 @@
 with_items: "{{ rsyslog_environments }}"
 when: item.db_loglogins_name is defined

+- name: Put log_logins logrotate scripts for stepup
+ template:
+ src: logrotate_stepup_authentication.j2
+ dest: /etc/logrotate.d/logrotate_stepup_authentication_{{ item.name }}
+ mode: 0644
+ owner: root
+ group: root
+ with_items: "{{ rsyslog_environments }}"
+ when: item.db_loglogins_name is defined
+
 - name: Create logdirectory for log_logins cleanup script
 file:
 path: "{{ rsyslog_dir }}/apps/{{ item.name }}/loglogins_cleanup/"
diff --git a/roles/rsyslog/templates/logrotate_stepup_authentication.j2 b/roles/rsyslog/templates/logrotate_stepup_authentication.j2
new file mode 100644
index 000000000..5174a913a
--- /dev/null
+++ b/roles/rsyslog/templates/logrotate_stepup_authentication.j2
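Review bot: In the added "Put log_logins logrotate scripts for stepup" task of roles/rsyslog/tasks/process_auth_logs.yml, `mode: 0644` is an unquoted octal literal, so the permissions depend on the YAML loader applying 1.1 octal rules. Writing `mode: "0644"` hands the template module a string and removes that dependency. The task also copies the guard `when: item.db_loglogins_name is defined` from the ebauth task, although the rendered logrotate file does not use the database yet (its MySQL step is still a TODO). It is worth confirming that environments without `db_loglogins_name` never write stepup-authentication.log, because otherwise that authentication log would grow unrotated there.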
@@ -0,0 +1,17 @@
+{{ rsyslog_dir }}/log_logins/{{ item.name }}/stepup-authentication.log
+{
+ missingok
+ daily
+ rotate 180
+ sharedscripts
+ dateext
+ dateyesterday
+ compress
+ delaycompress
+ create 0640 root {{ rsyslog_read_group }}
+ postrotate
+ # TODO: Write logs to MySQL for further processing (e.g. for deprovisioning)
+ # E.g.: /usr/local/sbin/parse_stepup_authentication_to_mysql_{{ item.name }}.py > /dev/null
+ systemctl kill -s HUP rsyslog.service
+ endscript
+}
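Review bot: The new template roles/rsyslog/templates/logrotate_stepup_authentication.j2 has no header comment, so the file rendered into /etc/logrotate.d/ does not say that it is generated or why the retention and permissions are what they are. For an authentication log, `rotate 180` with `daily` and `create 0640 root {{ rsyslog_read_group }}` are the settings an auditor will look for. I would add a first line such as `# Managed by Ansible (roles/rsyslog): step-up authentication log, 180 daily rotations, readable by root and the rsyslog read group only`. Separately, if the `log_logins/{{ item.name }}` directory is writable by a non-root group, logrotate may skip the file unless a `su` directive is present; the directory's mode is not visible in this patch, so this should be checked on a deployed host.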