new: [logrotate,odoo-tecnativa,apache,cron,letsencrypt] added charm ``logrotate`` and added logrotation to bunch of charms.

apache/hooks/log_rotate-relation-joined

@@ -36,12 +36,13 @@ file_put "$DST" <<EOF
     create 640 root root
     sharedscripts
     postrotate
-         docker-send-signal \$${MASTER_BASE_SERVICE_NAME^^}_NAME SIGUSR1;
+         /bin/docker-send-signal \$${MASTER_BASE_SERVICE_NAME^^}_NAME SIGUSR1;
     endscript
 }
 EOF
 
 config-add "\
+services:
   $MASTER_TARGET_SERVICE_NAME:
     volumes:
       - $DST:/etc/logrotate.d/docker-${SERVICE_NAME}:ro

cron/hooks/init

@@ -10,13 +10,31 @@
 ## - SERVICE_DATASTORE           Location on host of the DATASTORE of this service
 ## - SERVICE_CONFIGSTORE         Location on host of the CONFIGSTORE of this service
 
-timezone=$(cat /etc/timezone)
+if [ -d "$SERVICE_CONFIGSTORE/bin/compose" ]; then
+    rmdir "$SERVICE_CONFIGSTORE/bin/compose"
+fi
+
+[ "$COMPOSE_LAUNCHER_OPTS" ] || {
+    err "\$COMPOSE_LAUNCHER_OPTS is expected to be set."
+    exit 1
+}
+
+[ "$COMPOSE_LAUNCHER_BIN" ] || {
+    err "\$COMPOSE_LAUNCHER_BIN is expected to be set."
+    exit 1
+}
+
+timezone=$(cat /etc/timezone) || exit 1
 init-config-add "
 $CHARM_NAME:
   volumes:
     - /etc/timezone:/etc/timezone:ro
+    - \${DOCKER_COMPOSE_PATH}/bin/dc:/bin/dc:ro
+    - $COMPOSE_LAUNCHER_BIN:/bin/compose:ro
+    - $COMPOSE_LAUNCHER_OPTS:$COMPOSE_LAUNCHER_OPTS:ro
   environment:
     TZ: $timezone
+    COMPOSE_LAUNCHER_OPTS: $COMPOSE_LAUNCHER_OPTS
 "
 
 info "Timezone is set to $timezone."

cron/hooks/log_rotate-relation-joined

@@ -29,12 +29,11 @@ file_put "$DST" <<EOF
 EOF
 
 config-add "\
+services:
   $MASTER_TARGET_CHARM_NAME:
     volumes:
     - $DST:/etc/logrotate.d/docker-${SERVICE_NAME}:ro
     - $SERVICE_DATASTORE$LOGS:/var/log/docker/$SERVICE_NAME:rw
-"
-config-add "\
   $MASTER_BASE_CHARM_NAME:
     volumes:
     - $SERVICE_DATASTORE$LOGS:$LOGS:rw

letsencrypt/hooks/schedule_command-relation-joined

@@ -26,10 +26,7 @@ fi
 ##   'cron' container.
 file_put "$DST" <<EOF
 $schedule     root  lock $label -D -p 10 -c "\
-    docker run --rm \
-        -v $BASE_CHARM_PATH/etc/letsencrypt:/etc/letsencrypt:rw \
-        -v $BASE_CHARM_PATH/var/log/letsencrypt:/var/log/letsencrypt:rw \
-        -v $BASE_CHARM_PATH/var/lib/tldextract:/var/lib/tldextract:rw \
-        \"$DOCKER_BASE_IMAGE\" crt renew" 2>&1 | ts '\%F \%T \%Z' >> $LOCAL_LOG
+    dc run $SERVICE_NAME crt renew" 2>&1 | ts '\%F \%T \%Z' >> $LOCAL_LOG
+
 EOF
 chmod +x "$DST"

logrotate/build/Dockerfile

@@ -0,0 +1,10 @@
+FROM docker.0k.io/alpine
+
+RUN apk add logrotate && \
+    sed -ri 's/^(\/var\/log\/messages \{\})$/# \1/g' /etc/logrotate.conf
+
+RUN apk add netcat-openbsd  ## dependency of docker-send-signal
+
+COPY src/ /
+
+ENTRYPOINT ["/entrypoint.sh"]

logrotate/build/src/bin/docker-send-signal

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+exname=$(basename "$0")
+usage="$exname [-h|--help] CONTAINER SIGNAL"
+
+container=
+signal=
+while [ "$1" ]; do
+    case "$1" in
+        "--help"|"-h")
+            echo "$usage" >&2
+            exit 0
+        ;;
+        *)
+            [ -z "$container" ] && { container=$1 ; shift ; continue ; }
+            [ -z "$signal" ] && { signal=$1 ; shift ; continue ; }
+            echo "Unexpected argument '$1'." >&2
+            exit 1
+        ;;
+    esac
+    shift
+done
+
+if [ -z "$container" ]; then
+    echo "You must provide a container name/id as first argument." >&2
+    echo "$usage" >&2
+    exit 1
+fi
+
+if [ -z "$signal" ]; then
+    echo "You must provide a signal to send to $container aargument." >&2
+    echo "$usage" >&2
+    exit 1
+fi
+
+container_id="$(docker inspect --format="{{ .Id }}" "$container")"
+
+echo -e "POST /containers/$container_id/kill?signal=$signal HTTP/1.0\r\n" | nc -U /var/run/docker.sock

logrotate/build/src/entrypoint.sh

@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# Clean non existent log file entries from status file
+cd /var/lib/logrotate
+test -e status || touch status
+head -1 status > status.clean
+sed 's/"//g' status | while read logfile date
+do
+    [ -e "$logfile" ] && echo "\"$logfile\" $date"
+done >> status.clean
+mv status.clean status
+
+/usr/sbin/logrotate /etc/logrotate.conf

logrotate/hooks/log_rotate-relation-joined

@@ -0,0 +1,80 @@
+#!/bin/bash
+
+## Should be executable N time in a row with same result.
+
+exit 0
+. lib/common
+
+set -e
+
+LOGS=/var/log/apache2
+
+
+
+## XXXvlab: hum it seems apache logging is run as root, so well...
+# logs_creds=$(cached_cmd_on_base_image apache "stat -c '%u %g' '$LOGS'") || {
+#     debug "Failed to query for www-data gid in ${DARKYELLOW}apache${NORMAL} base image."
+#     return 1
+# }
+
+rotated_count=$(relation-get rotated-count 2>/dev/null) || true
+rotated_count=${rotated_count:-52}
+
+## XXXvlab: a lot of this intelligence should be moved away into
+## ``logrotate`` charm
+##
+##  Issues:
+##  - relation-joined will execute first log-rotate charm part of the
+##    relation, which is not what we want here, as we need to send
+##    default value for the creation of the config file on the server
+##    part.
+##  - we need to send the directory it seems, otherwise, docker will
+##    create directory when the log file is missing, and I'm not sure
+##    how processes will react when their file is moved out of their
+##    file-system scope when rotated (but I think there will be no
+##    issue here).
+##    The problem here is that we can't cleanly put all file in the
+##    same directory (and there are collision possible anyway).
+##    This means that if we want more than one target, we need
+##    sub-directories.
+##    - For this issue, we only fear the 'docker' run and mounting
+##      moment, and we are sure to run before, so we can make sure to
+##      ``touch`` the files.
+##    - can we move file that was been bound in a docker ? Well yes,
+##      but it won't change place in the docker:( ... I guess you need
+##      to reload the docker and the binding to work.
+##
+
+DST="$CONFIGSTORE/$TARGET_SERVICE_NAME/etc/logrotate.d/$SERVICE_NAME"
+file_put "$DST" <<EOF
+/var/log/docker/$SERVICE_NAME/*error.log
+/var/log/docker/$SERVICE_NAME/*access.log
+ {
+    weekly
+    missingok
+    dateext
+    dateyesterday
+    dateformat _%Y-%m-%d
+    extension .log
+    rotate $rotated_count
+    compress
+    delaycompress
+    notifempty
+    create 640 root root
+    sharedscripts
+    postrotate
+        docker-send-signal \$${MASTER_BASE_CHARM_NAME^^}_NAME SIGUSR1;
+    endscript
+}
+EOF
+
+config-add "\
+$MASTER_TARGET_CHARM_NAME:
+  volumes:
+    - $DST:/etc/logrotate.d/docker-${SERVICE_NAME}:ro
+    - $SERVICE_DATASTORE$LOGS:/var/log/docker/$SERVICE_NAME:rw
+$MASTER_BASE_CHARM_NAME:
+  volumes:
+    - $SERVICE_DATASTORE$LOGS:$LOGS:rw
+"
+

logrotate/hooks/schedule_command-relation-joined

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+## When writing relation script, remember:
+##  - they should be idempotents
+##  - they can be launched while the dockers is already up
+##  - they are launched from the host
+##  - the target of the link is launched first, and get a chance to ``relation-set``
+##  - both side of the scripts get to use ``relation-get``.
+
+set -e
+
+label=launch-$SERVICE_NAME
+DST=$CONFIGSTORE/$TARGET_SERVICE_NAME/etc/cron/$label
+schedule=$(relation-get schedule) || true
+
+## It should really stay at midnight as most logs are dated
+schedule=${schedule:-0 0 * * *}
+if ! echo "$schedule" | egrep '^\s*(([0-9/,*-]+\s+){4,4}[0-9/,*-]+|@[a-z]+)\s*$' >/dev/null 2>&1; then
+    err "Unrecognized schedule '$schedule'."
+    exit 1
+fi
+
+## Warning: using '\' in heredoc will be removed in the final cron file, which
+##   is totally wanted: cron does not support multilines.
+
+## Warning: 'docker -v' will use HOST directory even if launched from
+##   'cron' container.
+file_put "$DST" <<EOF
+$schedule     root  lock $label -D -p 10 -c "\
+    dc run $SERVICE_NAME" 2>&1 | ts '\%F \%T \%Z' >> /var/log/cron/${label}_script.log
+EOF
+chmod +x "$DST"

logrotate/metadata.yml

@@ -0,0 +1,13 @@
+description: Log Rotation Service
+type: run-once
+data-resources:
+  - /var/lib/logrotate
+requires:
+  schedule-command:
+    interface: schedule-command
+## YYY: probably not useful anymore
+# charm-resources:
+#   - /etc/cron.daily/logrotate
+provides:
+  log-rotate:
+    tech-dep: "reversed"

odoo-tecnativa/hooks/log_rotate-relation-joined

@@ -0,0 +1,50 @@
+#!/bin/bash
+
+## Should be executable N time in a row with same result.
+
+. lib/common
+
+set -e
+
+odoo_uid=$(get_odoo_uid)
+
+LOGS=/var/log/odoo
+mkdir -p "$SERVICE_DATASTORE/$LOGS"
+chown -R "$odoo_uid" "$SERVICE_DATASTORE/$LOGS"
+
+rotated_count=$(relation-get rotated-count 2>/dev/null) || true
+rotated_count=${rotated_count:-52}
+
+## No postrotate script as odoo uses a WatchedFileHandler log that
+## close and reopen log file if it changes.
+
+## XXXvlab: a lot of this intelligence should be moved away into ``logrotate`` charm
+DST="$CONFIGSTORE/$TARGET_SERVICE_NAME/etc/logrotate.d/$SERVICE_NAME"
+file_put "$DST" <<EOF
+/var/log/docker/$SERVICE_NAME/odoo.log
+ {
+    weekly
+    missingok
+    dateext
+    dateyesterday
+    dateformat _%Y-%m-%d
+    extension .log
+    rotate $rotated_count
+    compress
+    delaycompress
+    notifempty
+    create 640
+    sharedscripts
+}
+EOF
+
+config-add "\
+services:
+  $MASTER_TARGET_SERVICE_NAME:
+    volumes:
+      - $DST:/etc/logrotate.d/docker-${SERVICE_NAME}:ro
+      - $SERVICE_DATASTORE$LOGS:/var/log/docker/$SERVICE_NAME:rw
+  $MASTER_BASE_SERVICE_NAME:
+    volumes:
+      - $SERVICE_DATASTORE$LOGS:$LOGS:rw
+"

odoo-tecnativa/metadata.yml

@@ -11,6 +11,7 @@ docker-compose:
   command:
     - odoo
     - --config=/opt/odoo/auto/odoo.conf
+    - --logfile=/var/log/odoo/odoo.log
   ## YYYvlab: useful ?
   tty: true
   environment: