53 lines
1.3 KiB

  1. #!/bin/bash
  2. ## Should be executable N time in a row with same result.
  3. . lib/common
  4. set -e
  5. LOGS=/var/log/letsencrypt
  6. ## XXXvlab: hum it seems apache logging is run as root, so well...
  7. # logs_creds=$(cached_cmd_on_base_image apache "stat -c '%u %g' '$LOGS'") || {
  8. # debug "Failed to query for www-data gid in ${DARKYELLOW}apache${NORMAL} base image."
  9. # return 1
  10. # }
  11. rotated_count=$(relation-get rotated-count 2>/dev/null) || true
  12. rotated_count=${rotated_count:-52}
  13. ## Here, we rely on ``delaycompress`` option and the fact that letsencrypt is
  14. ## run-once type of service to ensure logrotation will play it safely with the
  15. ## log writing process.
  16. ## XXXvlab: a lot of this intelligence should be moved away into ``logrotate`` charm
  17. DST="$CONFIGSTORE/$TARGET_SERVICE_NAME/etc/logrotate.d/$SERVICE_NAME"
  18. file_put "$DST" <<EOF
  19. /var/log/docker/$SERVICE_NAME/letsencrypt.log
  20. {
  21. weekly
  22. missingok
  23. dateext
  24. dateyesterday
  25. dateformat _%Y-%m-%d
  26. extension .log
  27. rotate $rotated_count
  28. compress
  29. delaycompress
  30. notifempty
  31. create 640 root root
  32. sharedscripts
  33. }
  34. EOF
  35. config-add "\
  36. services:
  37. $MASTER_TARGET_SERVICE_NAME:
  38. volumes:
  39. - $DST:/etc/logrotate.d/docker-${SERVICE_NAME}:ro
  40. - $SERVICE_DATASTORE$LOGS:/var/log/docker/$SERVICE_NAME:rw
  41. $MASTER_BASE_SERVICE_NAME:
  42. volumes:
  43. - $SERVICE_DATASTORE$LOGS:$LOGS:rw
  44. "