From 25bde1105f0954cae37632a49096f693e1958031 Mon Sep 17 00:00:00 2001
From: Ryan Cavicchioni <ryan@cavi.cc>
Date: Tue, 3 Dec 2019 20:14:59 -0600
Subject: [PATCH] Add tmpfiles.d override for file permissions

The permissions for /var/log/syslog were being reset on boot
---
 roles/rsyslog/tasks/archival.yaml               | 14 ++++++++++++++
 roles/rsyslog/templates/tmpfiles_d-rsyslog.conf |  3 +++
 2 files changed, 17 insertions(+)
 create mode 100644 roles/rsyslog/templates/tmpfiles_d-rsyslog.conf

diff --git a/roles/rsyslog/tasks/archival.yaml b/roles/rsyslog/tasks/archival.yaml
index d786bbf..c733dc3 100644
--- a/roles/rsyslog/tasks/archival.yaml
+++ b/roles/rsyslog/tasks/archival.yaml
@@ -4,6 +4,20 @@
     rsyslog_default_rules_state: absent
   when: rsyslog_archival_format_enabled
 
+- name: configure systemd tmpfiles.d
+  template:
+    src: tmpfiles_d-rsyslog.conf
+    dest: /etc/tmpfiles.d/00rsyslog.conf
+    owner: root
+    group: root
+    mode: 0644
+  when: rsyslog_archival_format_enabled
+
+- name: manage systemd tmpfiles.d override
+  file:
+    path: /etc/tmpfiles.d/00rsyslog.conf
+    state: "{{ rsyslog_archival_format_enabled | ternary('file', 'absent') }}"
+
 - name: find default log files
   find:
     path: /var/log
diff --git a/roles/rsyslog/templates/tmpfiles_d-rsyslog.conf b/roles/rsyslog/templates/tmpfiles_d-rsyslog.conf
new file mode 100644
index 0000000..1fc1809
--- /dev/null
+++ b/roles/rsyslog/templates/tmpfiles_d-rsyslog.conf
@@ -0,0 +1,3 @@
+# {{ ansible_managed }}
+
+d /var/log/syslog {{ rsyslog_dir_create_mode }} {{ rsyslog_dir_owner }} {{ rsyslog_dir_group }} -