doc: add ROSI setup walkthrough

[rgerhards]

Why
Provide a short operator path for ROSI Collector that gets readers
from initial setup to first-client validation without sending them
through multiple reference pages first.

Impact
Adds a new ROSI deployment walkthrough and links it into the docs nav.

Before/After
Before: ROSI docs had detailed reference pages but no compact end-to-end
setup flow.
After: ROSI docs include a generalized walkthrough for collector setup,
client onboarding, and first validation.

Technical Overview

• add a new ROSI Collector setup walkthrough page
• keep the content generalized and provider-neutral
• reuse an existing neutral product screenshot
• link the new page from the ROSI Collector index and deployments index
• register the page in doc/Makefile.am

Validation

• ./doc/tools/build-doc-linux.sh --clean --format html

Notes

• the repo-local scripts/check-doc-dist.sh referenced by the doc skill was
  not present in this checkout, so that exact packaging check could not be run

With the help of AI-Agents: Codex

[cubic-dev-ai]

No issues found across 8 files

[github-actions]

📖 Documentation Preview Ready!

✅ Sphinx docs built and deployed for this PR.

🌐 Browse Online (Recommended):

📚 View Documentation Online →

🔗 Quick Links:

• Browse Online → http://rgerhards.github.io/rsyslog/pr-186/
• View workflow run → https://github.com/rgerhards/rsyslog/actions/runs/22912618839
• Download artifacts → https://github.com/rgerhards/rsyslog/actions/runs/22912618839#artifacts

---

🤖 This comment was generated by the docs workflow.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the ROSI Collector documentation by introducing a streamlined setup walkthrough. This new guide aims to provide users with the quickest path from initial installation to a fully functional ROSI deployment with an enrolled client, simplifying the onboarding process and reducing the need to consult multiple reference pages.

Highlights

• New ROSI Collector Setup Walkthrough: A new setup_walkthrough.rst page has been added to provide a concise, end-to-end guide for deploying ROSI Collector, onboarding a client, and validating logs and metrics.
• Documentation Navigation Updates: The new walkthrough is integrated into the documentation navigation, with links added in doc/source/deployments/index.rst and doc/source/deployments/rosi_collector/index.rst, and registered in doc/Makefile.am.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• doc/Makefile.am
  • Registered the new setup_walkthrough.rst file to ensure it's included in the documentation build.
• doc/source/deployments/index.rst
  • Added a new introductory link to the "ROSI Collector Setup Walkthrough" for users seeking the shortest path to deployment.
• doc/source/deployments/rosi_collector/index.rst
  • Included a prominent link to the new setup_walkthrough at the top of the ROSI Collector guide.
  • Added setup_walkthrough to the toctree for proper navigation.
• doc/source/deployments/rosi_collector/setup_walkthrough.rst
  • Created a comprehensive, step-by-step guide covering collector host preparation, stack initialization, client enrollment, and end-to-end validation for ROSI Collector.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a valuable ROSI setup walkthrough, providing a clear, end-to-end guide for new users to quickly get a ROSI Collector running and onboard their first client. The changes correctly integrate the new documentation page into the existing structure. My feedback focuses on enhancing the clarity of the new walkthrough by explicitly guiding users to replace placeholder values with their specific environment details, which is crucial for a step-by-step guide.

[gemini-code-assist]

While example.com is a standard placeholder, explicitly mentioning that users should replace logs.example.com and admin@example.com with their actual domain would enhance clarity for a walkthrough aimed at new users. This helps prevent potential confusion during the initial setup.

Suggested change

	sudo TRAEFIK_DOMAIN=logs.example.com \
	TRAEFIK_EMAIL=admin@example.com \
	sudo TRAEFIK_DOMAIN=your.domain.com \
	TRAEFIK_EMAIL=admin@your.domain.com \

[gemini-code-assist]

For a walkthrough, it would be beneficial to explicitly instruct users to replace logs.example.com with their actual collector domain when downloading the client setup script. This ensures they don't inadvertently try to download from the example domain.

Suggested change

	wget https://logs.example.com/downloads/install-rsyslog-client.sh
	wget https://<YOUR_COLLECTOR_DOMAIN>/downloads/install-rsyslog-client.sh

[gemini-code-assist]

Consistent with previous suggestions, explicitly instructing users to replace logs.example.com with their actual collector domain here will improve the clarity and usability of the walkthrough for the node exporter setup.

Suggested change

	wget https://logs.example.com/downloads/install-node-exporter.sh
	wget https://<YOUR_COLLECTOR_DOMAIN>/downloads/install-node-exporter.sh

[gemini-code-assist]

The IP address 198.51.100.1 is an example. It would significantly improve clarity for the walkthrough to explicitly state that this should be replaced with the actual client's IP address, ensuring users configure their Prometheus targets correctly.

Suggested change

	sudo prometheus-target add-client 198.51.100.1 \
	host=web-01 role=web env=production network=internal
	sudo prometheus-target add-client <CLIENT_IP_ADDRESS> \
	host=web-01 role=web env=production network=internal

[cubic-dev-ai]

2 issues found across 4 files (changes from recent commits).

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="doc/source/deployments/rosi_collector/setup_walkthrough.rst">

<violation number="1" location="doc/source/deployments/rosi_collector/setup_walkthrough.rst:164">
P3: The firewall "minimum rule set" now unconditionally opens `6514/tcp`, even though this port is only required when syslog TLS is enabled.</violation>

<violation number="2" location="doc/source/deployments/rosi_collector/setup_walkthrough.rst:232">
P2: The password-retrieval command is missing `sudo`, so it can fail with permission denied on the root-owned `.env` file.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P2: The password-retrieval command is missing sudo, so it can fail with permission denied on the root-owned .env file.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At doc/source/deployments/rosi_collector/setup_walkthrough.rst, line 232:

<comment>The password-retrieval command is missing `sudo`, so it can fail with permission denied on the root-owned `.env` file.</comment>

<file context>
@@ -170,6 +224,27 @@ Then validate from the collector side and the Grafana UI:
+
+.. code-block:: bash
+
+   grep GRAFANA_ADMIN_PASSWORD /opt/rosi-collector/.env
+
+.. figure:: /_static/rosi-setup-grafana.png
</file context>

Suggested change

	grep GRAFANA_ADMIN_PASSWORD /opt/rosi-collector/.env
	sudo grep GRAFANA_ADMIN_PASSWORD /opt/rosi-collector/.env

[cubic-dev-ai]

P3: The firewall "minimum rule set" now unconditionally opens 6514/tcp, even though this port is only required when syslog TLS is enabled.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At doc/source/deployments/rosi_collector/setup_walkthrough.rst, line 164:

<comment>The firewall "minimum rule set" now unconditionally opens `6514/tcp`, even though this port is only required when syslog TLS is enabled.</comment>

<file context>
@@ -116,11 +135,36 @@ You are looking for a stable state where rsyslog, Loki, Grafana, Prometheus,
+   sudo ufw allow 80/tcp
+   sudo ufw allow 443/tcp
+   sudo ufw allow 10514/tcp
+   sudo ufw allow 6514/tcp
+
+If your environment also uses a provider firewall or security group, mirror the
</file context>

Suggested change

	sudo ufw allow 6514/tcp
	# Only needed when syslog TLS is enabled:
	sudo ufw allow 6514/tcp