From ca847d057192d97cda673bcdd38c55151cf56f7a Mon Sep 17 00:00:00 2001
From: Jonathan Voss <jvoss@onvox.net>
Date: Mon, 1 Jul 2024 17:48:38 +0000
Subject: T6539: add logging options to load-balancer reverse-proxy

(cherry picked from commit dd5908eac390294ea178953fc0e6821d803d62f6)
---
 data/templates/load-balancing/haproxy.cfg.j2            | 17 +++++++++++++++--
 interface-definitions/include/haproxy/logging.xml.i     | 10 ++++++++++
 .../load-balancing_reverse-proxy.xml.in                 |  3 +++
 3 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 interface-definitions/include/haproxy/logging.xml.i

diff --git a/data/templates/load-balancing/haproxy.cfg.j2 b/data/templates/load-balancing/haproxy.cfg.j2
index c18a998b8..5137966c1 100644
--- a/data/templates/load-balancing/haproxy.cfg.j2
+++ b/data/templates/load-balancing/haproxy.cfg.j2
@@ -1,8 +1,6 @@
 ### Autogenerated by load-balancing_reverse-proxy.py ###
 
 global
-    log /dev/log local0
-    log /dev/log local1 notice
     chroot /var/lib/haproxy
     stats socket /run/haproxy/admin.sock mode 660 level admin
     stats timeout 30s
@@ -11,6 +9,11 @@ global
     daemon
 
 {% if global_parameters is vyos_defined %}
+{%     if global_parameters.logging is vyos_defined %}
+{%         for facility, facility_config in global_parameters.logging.facility.items() %}
+    log /dev/log {{ facility }} {{ facility_config.level }}
+{%         endfor %}
+{%     endif %}
 {%     if global_parameters.max_connections is vyos_defined %}
     maxconn {{ global_parameters.max_connections }}
 {%     endif %}
@@ -66,6 +69,11 @@ frontend {{ front }}
 {%         endif %}
 {%         if front_config.redirect_http_to_https is vyos_defined %}
     http-request redirect scheme https unless { ssl_fc }
+{%         endif %}
+{%         if front_config.logging is vyos_defined %}
+{%             for facility, facility_config in front_config.logging.facility.items() %}
+    log /dev/log {{ facility }} {{ facility_config.level }}
+{%             endfor %}
 {%         endif %}
     mode {{ front_config.mode }}
 {%         if front_config.tcp_request.inspect_delay is vyos_defined %}
@@ -165,6 +173,11 @@ backend {{ back }}
     option forwardfor
     http-request set-header X-Forwarded-Port %[dst_port]
     http-request add-header X-Forwarded-Proto https if { ssl_fc }
+{%         endif %}
+{%         if back_config.logging is vyos_defined %}
+{%             for facility, facility_config in back_config.logging.facility.items() %}
+    log /dev/log {{ facility }} {{ facility_config.level }}
+{%             endfor %}
 {%         endif %}
     mode {{ back_config.mode }}
 {%         if back_config.http_response_headers is vyos_defined %}
diff --git a/interface-definitions/include/haproxy/logging.xml.i b/interface-definitions/include/haproxy/logging.xml.i
new file mode 100644
index 000000000..e0af54fa4
--- /dev/null
+++ b/interface-definitions/include/haproxy/logging.xml.i
@@ -0,0 +1,10 @@
+<!-- include start from haproxy/logging.xml.i -->
+<node name="logging">
+  <properties>
+    <help>Logging parameters</help>
+  </properties>
+  <children>
+    #include <include/syslog-facility.xml.i>
+  </children>
+</node>
+<!-- include end -->
diff --git a/interface-definitions/load-balancing_reverse-proxy.xml.in b/interface-definitions/load-balancing_reverse-proxy.xml.in
index 1a432be6d..18274622c 100644
--- a/interface-definitions/load-balancing_reverse-proxy.xml.in
+++ b/interface-definitions/load-balancing_reverse-proxy.xml.in
@@ -36,6 +36,7 @@
               </leafNode>
               #include <include/generic-description.xml.i>
               #include <include/listen-address.xml.i>
+              #include <include/haproxy/logging.xml.i>
               #include <include/haproxy/mode.xml.i>
               #include <include/port-number.xml.i>
               #include <include/haproxy/rule-frontend.xml.i>
@@ -91,6 +92,7 @@
                 <defaultValue>round-robin</defaultValue>
               </leafNode>
               #include <include/generic-description.xml.i>
+              #include <include/haproxy/logging.xml.i>
               #include <include/haproxy/mode.xml.i>
               #include <include/haproxy/http-response-headers.xml.i>
               <node name="http-check">
@@ -254,6 +256,7 @@
               <help>Global perfomance parameters and limits</help>
             </properties>
             <children>
+              #include <include/haproxy/logging.xml.i>
               <leafNode name="max-connections">
                 <properties>
                   <help>Maximum allowed connections</help>
-- 
cgit v1.2.3