Add a variable for destination of the verbose SFTP log
Pass the destination (file or syslog target / host) for the verbose SFTP
logs as a variable.

The current hard-coded setting -/var/log/sftp/verbose.log remains as
default for the variable.

Closes #2
strebitz committed Sep 18, 2020
1 parent 2612d89 commit 3b21278
Showing 3 changed files with 4 additions and 2 deletions.
3 changes: 2 additions & 1 deletion README.md
Expand Up @@ -28,7 +28,8 @@ The following role variables are relevant:
* `sftp_start_directory`: A directory that need to be part of sftp_directories values and that is the start directory of new sftp connection. Disable by default with an empty string value.
* `sftp_allow_passwords`: Whether or not to allow password authentication for SFTP. Defaults to False.
* `sftp_enable_selinux_support`: Whether or not to explicitly enable SELinux support. Defaults to False.
* `sftp_enable_logging`: Enable logging. Auth logs will be written to `/var/log/sftp/auth.log`, and SFTP activity logs will be written to `/var/log/sftp/verbose.log`. Defaults to False.
* `sftp_enable_logging`: Enable logging; defaults to `False`.
* `sftp_logging_destination`: Rsyslogd destination for SFTP activity logs; defaults to `-/var/log/sftp/verbose.log`.
* `sftp_users`: A list of users, in map form, containing the following elements:
* `name`: The Unix name of the user that requires SFTP access.
* `group`: An optional user primary group. If set, it will be used for the user's home permission. Otherwise, the `sftp_group_name` is used.
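Review bot: The rewritten `sftp_enable_logging` entry drops the statement that auth logs are written to `/var/log/sftp/auth.log`. The commit only parameterises the verbose log, so that path is now undocumented; keep that sentence. The new `sftp_logging_destination` entry should also say that it only takes effect when `sftp_enable_logging` is true, and explain the accepted forms: the leading `-` in the default is the rsyslog prefix that disables syncing after each write, and a remote target is written as `@host` (UDP) or `@@host` (TCP).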
1 change: 1 addition & 0 deletions defaults/main.yml
Expand Up @@ -7,4 +7,5 @@ sftp_allow_passwords: False
sftp_enable_selinux_support: False
sftp_enable_logging: False
sftp_nologin_shell: /sbin/nologin
sftp_logging_destination: -/var/log/sftp/verbose.log
sftp_configure_sshd: true
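Review bot: The new default on `sftp_logging_destination` is an unquoted scalar that starts with `-`. It parses as a string as written, but quoting it (`sftp_logging_destination: "-/var/log/sftp/verbose.log"`) makes that explicit and guards against a later edit turning it into a list item. It would also read better placed directly after `sftp_enable_logging` rather than between `sftp_nologin_shell` and `sftp_configure_sshd`.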
2 changes: 1 addition & 1 deletion tasks/main.yml
Expand Up @@ -157,7 +157,7 @@
{% endfor %}
# Log internal-sftp in a separate file
:programname, isequal, "internal-sftp" -/var/log/sftp/verbose.log
:programname, isequal, "internal-sftp" {{ sftp_logging_destination }}
:programname, isequal, "internal-sftp" ~
when: sftp_enable_logging
notify: SFTP-Server | Restart rsyslog
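Review bot: `{{ sftp_logging_destination }}` is rendered into the rsyslog rule with no validation, so an empty value leaves the selector without an action and a multi-line value adds extra rsyslog directives to the generated file. Add an assert before this task that the variable is a non-empty single-line string. When the value is a forwarding target rather than a file, the SFTP activity log leaves the host, so the README should state that protecting that transport is up to the operator.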