#!/bin/bash

## Should be executable N time in a row with same result.

. lib/common

set -e

LOGS=/var/log/letsencrypt

## XXXvlab: hum it seems apache logging is run as root, so well...
# logs_creds=$(cached_cmd_on_base_image apache "stat -c '%u %g' '$LOGS'") || {
#     debug "Failed to query for www-data gid in ${DARKYELLOW}apache${NORMAL} base image."
#     return 1
# }

rotated_count=$(relation-get rotated-count 2>/dev/null) || true
rotated_count=${rotated_count:-52}

## Here, we rely on ``delaycompress`` option and the fact that letsencrypt is
## run-once type of service to ensure logrotation will play it safely with the
## log writing process.

## XXXvlab: a lot of this intelligence should be moved away into ``logrotate`` charm
DST="$CONFIGSTORE/$TARGET_SERVICE_NAME/etc/logrotate.d/$SERVICE_NAME"
file_put "$DST" <<EOF
/var/log/docker/$SERVICE_NAME/letsencrypt.log
 {
    weekly
    missingok
    dateext
    dateyesterday
    dateformat _%Y-%m-%d
    extension .log
    rotate $rotated_count
    compress
    delaycompress
    notifempty
    create 640 root root
    sharedscripts
}
EOF

config-add "\
services:
  $MASTER_TARGET_SERVICE_NAME:
    volumes:
      - $DST:/etc/logrotate.d/docker-${SERVICE_NAME}:ro
      - $SERVICE_DATASTORE$LOGS:/var/log/docker/$SERVICE_NAME:rw
  $MASTER_BASE_SERVICE_NAME:
    volumes:
      - $SERVICE_DATASTORE$LOGS:$LOGS:rw
"