{ lib, ... }:

{
  services.rsyslogd = {
    enable = true;
    defaultConfig = ''
      # TODO: Vérifier s'il existe des services qui ne savent pas envoyer
      #       leurs logs sur journald (peut-être freeradius)
      global(
          workDirectory="/var/spool/rsyslog" # TODO: read the doc
          preserveFQDN="on"
      )

      module(load="imjournal")
      module(load="mmjsonparse")
      module(load="omrelp")

      module(
          load="builtin:omfile"
          template="RSYSLOG_FileFormat"
          fileOwner="root"
          fileGroup="root"
          fileCreateMode="0640"
          dirCreateMode="0755"
      )

      ruleset(name="sendLogsToRemote") {
          action(
              type="omrelp"

              target="10.206.1.10"
              port="20514"

              queue.type="LinkedList"
              queue.spoolDirectory="/var/spool/rsyslog"
              queue.fileName="queue_1"
              queue.saveOnShutdown="on"

              queue.highWatermark="500"
              queue.lowWatermark="100"
              queue.checkpointInterval="200"
              queue.syncqueuefiles="on"
              queue.maxDiskSpace="500m"

              action.resumeRetryCount="-1"
              action.reportSuspension="on"
              action.reportSuspensionContinuation="on"
          )
      }

      # Send local logs to the remote collector
      call sendLogsToRemote
    '';
  };

  # Pas de risque de boucle dès lors qu'on n'injecte pas les logs
  # dans journald. 
  systemd.services.syslog.serviceConfig.StandardOutput = lib.mkForce "journal";
}