Browse Source

fix: [letsencrypt] logrotate the letsencrypt logs

framadate
Valentin Lab 6 years ago
parent
commit
e2589ff55d
  1. 53
      letsencrypt/hooks/log_rotate-relation-joined

53
letsencrypt/hooks/log_rotate-relation-joined

@ -0,0 +1,53 @@
#!/bin/bash
## Should be executable N time in a row with same result.
. lib/common
set -e
LOGS=/var/log/letsencrypt
## XXXvlab: hum it seems apache logging is run as root, so well...
# logs_creds=$(cached_cmd_on_base_image apache "stat -c '%u %g' '$LOGS'") || {
# debug "Failed to query for www-data gid in ${DARKYELLOW}apache${NORMAL} base image."
# return 1
# }
rotated_count=$(relation-get rotated-count 2>/dev/null) || true
rotated_count=${rotated_count:-52}
## Here, we rely on ``delaycompress`` option and the fact that letsencrypt is
## run-once type of service to ensure logrotation will play it safely with the
## log writing process.
## XXXvlab: a lot of this intelligence should be moved away into ``logrotate`` charm
DST="$CONFIGSTORE/$TARGET_SERVICE_NAME/etc/logrotate.d/$SERVICE_NAME"
file_put "$DST" <<EOF
/var/log/docker/$SERVICE_NAME/letsencrypt.log
{
weekly
missingok
dateext
dateyesterday
dateformat _%Y-%m-%d
extension .log
rotate $rotated_count
compress
delaycompress
notifempty
create 640 root root
sharedscripts
}
EOF
config-add "\
services:
$MASTER_TARGET_SERVICE_NAME:
volumes:
- $DST:/etc/logrotate.d/docker-${SERVICE_NAME}:ro
- $SERVICE_DATASTORE$LOGS:/var/log/docker/$SERVICE_NAME:rw
$MASTER_BASE_SERVICE_NAME:
volumes:
- $SERVICE_DATASTORE$LOGS:$LOGS:rw
"
Loading…
Cancel
Save