From e2589ff55dad22abbfe5884865b4046a50e1c5f1 Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Thu, 17 Jan 2019 16:42:00 +0100 Subject: [PATCH] fix: [letsencrypt] logrotate the letsencrypt logs --- letsencrypt/hooks/log_rotate-relation-joined | 53 ++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100755 letsencrypt/hooks/log_rotate-relation-joined diff --git a/letsencrypt/hooks/log_rotate-relation-joined b/letsencrypt/hooks/log_rotate-relation-joined new file mode 100755 index 0000000..ec57cb6 --- /dev/null +++ b/letsencrypt/hooks/log_rotate-relation-joined @@ -0,0 +1,53 @@ +#!/bin/bash + +## Should be executable N time in a row with same result. + +. lib/common + +set -e + +LOGS=/var/log/letsencrypt + +## XXXvlab: hum it seems apache logging is run as root, so well... +# logs_creds=$(cached_cmd_on_base_image apache "stat -c '%u %g' '$LOGS'") || { +# debug "Failed to query for www-data gid in ${DARKYELLOW}apache${NORMAL} base image." +# return 1 +# } + +rotated_count=$(relation-get rotated-count 2>/dev/null) || true +rotated_count=${rotated_count:-52} + +## Here, we rely on ``delaycompress`` option and the fact that letsencrypt is +## run-once type of service to ensure logrotation will play it safely with the +## log writing process. + +## XXXvlab: a lot of this intelligence should be moved away into ``logrotate`` charm +DST="$CONFIGSTORE/$TARGET_SERVICE_NAME/etc/logrotate.d/$SERVICE_NAME" +file_put "$DST" <