From 6bf140146d226b45f8a8330f88505f943084f60a Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Mon, 19 Feb 2018 17:32:45 +0100
Subject: [PATCH] Define and use our own log format for nginx
This is the same as used on luna and as expected by the zabbix nginx
monitoring service.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
roles/arch32_mirror/templates/nginx.d.conf.j2 | 4 ++--
roles/archive/templates/nginx.d.conf.j2 | 4 ++--
roles/archweb/templates/nginx.d.conf.j2 | 8 ++++----
roles/flyspray/templates/nginx.d.conf.j2 | 4 ++--
roles/grafana/templates/nginx.d.conf.j2 | 4 ++--
roles/kanboard/templates/nginx.d.conf.j2 | 4 ++--
roles/mailman/templates/nginx.d.conf.j2 | 4 ++--
roles/matrix/templates/nginx.d.conf.j2 | 4 ++--
roles/nginx/templates/nginx.conf.j2 | 6 +++++-
roles/patchwork/templates/nginx.d.conf.j2 | 4 ++--
roles/planet/templates/nginx.d.conf.j2 | 4 ++--
roles/public_html/templates/nginx.d.conf.j2 | 4 ++--
roles/security_tracker/templates/nginx.d.conf.j2 | 4 ++--
roles/sources/templates/nginx.d.conf.j2 | 4 ++--
roles/syncrepo/templates/nginx.d.conf.j2 | 4 ++--
roles/zabbix-server/templates/nginx.d.conf.j2 | 4 ++--
16 files changed, 37 insertions(+), 33 deletions(-)
diff --git a/roles/arch32_mirror/templates/nginx.d.conf.j2 b/roles/arch32_mirror/templates/nginx.d.conf.j2
index 9b2f2f3a3..5dbb56d07 100644
--- a/roles/arch32_mirror/templates/nginx.d.conf.j2
+++ b/roles/arch32_mirror/templates/nginx.d.conf.j2
@@ -4,7 +4,7 @@ server {
server_name {{ arch32_mirror_domain }} pool.mirror.archlinux32.org;
root {{ arch32_mirror_dir }};
- access_log /var/log/nginx/{{ arch32_mirror_domain }}/access.log;
+ access_log /var/log/nginx/{{ arch32_mirror_domain }}/access.log main;
error_log /var/log/nginx/{{ arch32_mirror_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -18,7 +18,7 @@ server {
server_name {{ arch32_mirror_domain }};
root {{ arch32_mirror_dir }};
- access_log /var/log/nginx/{{ arch32_mirror_domain }}/access.log;
+ access_log /var/log/nginx/{{ arch32_mirror_domain }}/access.log main;
error_log /var/log/nginx/{{ arch32_mirror_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ arch32_mirror_domain }}/fullchain.pem;
diff --git a/roles/archive/templates/nginx.d.conf.j2 b/roles/archive/templates/nginx.d.conf.j2
index 68513db74..0fbcc291d 100644
--- a/roles/archive/templates/nginx.d.conf.j2
+++ b/roles/archive/templates/nginx.d.conf.j2
@@ -3,7 +3,7 @@ server {
listen [::]:80;
server_name {{ archive_domain }};
- access_log /var/log/nginx/{{ archive_domain }}/access.log;
+ access_log /var/log/nginx/{{ archive_domain }}/access.log main;
error_log /var/log/nginx/{{ archive_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -18,7 +18,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ archive_domain }};
- access_log /var/log/nginx/{{ archive_domain }}/access.log;
+ access_log /var/log/nginx/{{ archive_domain }}/access.log main;
error_log /var/log/nginx/{{ archive_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ archive_domain }}/fullchain.pem;
diff --git a/roles/archweb/templates/nginx.d.conf.j2 b/roles/archweb/templates/nginx.d.conf.j2
index bef77dded..20ed04976 100644
--- a/roles/archweb/templates/nginx.d.conf.j2
+++ b/roles/archweb/templates/nginx.d.conf.j2
@@ -9,7 +9,7 @@ server {
listen [::]:80;
server_name {{ domain }};
- access_log /var/log/nginx/{{ archweb_domain }}/access.log;
+ access_log /var/log/nginx/{{ archweb_domain }}/access.log main;
error_log /var/log/nginx/{{ archweb_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -24,7 +24,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ domain }};
- access_log /var/log/nginx/{{ archweb_domain }}/access.log;
+ access_log /var/log/nginx/{{ archweb_domain }}/access.log main;
error_log /var/log/nginx/{{ archweb_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ archweb_domain }}/fullchain.pem;
@@ -51,7 +51,7 @@ server {
listen [::]:80;
server_name {{ archweb_domain }};
- access_log /var/log/nginx/{{ archweb_domain }}/access.log;
+ access_log /var/log/nginx/{{ archweb_domain }}/access.log main;
error_log /var/log/nginx/{{ archweb_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -71,7 +71,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ archweb_domain }};
- access_log /var/log/nginx/{{ archweb_domain }}/access.log;
+ access_log /var/log/nginx/{{ archweb_domain }}/access.log main;
error_log /var/log/nginx/{{ archweb_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ archweb_domain }}/fullchain.pem;
diff --git a/roles/flyspray/templates/nginx.d.conf.j2 b/roles/flyspray/templates/nginx.d.conf.j2
index 867e59bdb..0dd8b9d10 100644
--- a/roles/flyspray/templates/nginx.d.conf.j2
+++ b/roles/flyspray/templates/nginx.d.conf.j2
@@ -7,7 +7,7 @@ server {
listen [::]:80;
server_name {{ flyspray_domain }};
- access_log /var/log/nginx/{{ flyspray_domain }}/access.log;
+ access_log /var/log/nginx/{{ flyspray_domain }}/access.log main;
error_log /var/log/nginx/{{ flyspray_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -22,7 +22,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ flyspray_domain }};
- access_log /var/log/nginx/{{ flyspray_domain }}/access.log;
+ access_log /var/log/nginx/{{ flyspray_domain }}/access.log main;
error_log /var/log/nginx/{{ flyspray_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ flyspray_domain }}/fullchain.pem;
diff --git a/roles/grafana/templates/nginx.d.conf.j2 b/roles/grafana/templates/nginx.d.conf.j2
index 6a2d5931a..73b3cef8c 100644
--- a/roles/grafana/templates/nginx.d.conf.j2
+++ b/roles/grafana/templates/nginx.d.conf.j2
@@ -7,7 +7,7 @@ server {
listen [::]:80;
server_name {{ grafana_domain }};
- access_log /var/log/nginx/{{ grafana_domain }}/access.log;
+ access_log /var/log/nginx/{{ grafana_domain }}/access.log main;
error_log /var/log/nginx/{{ grafana_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -22,7 +22,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ grafana_domain }};
- access_log /var/log/nginx/{{ grafana_domain }}/access.log;
+ access_log /var/log/nginx/{{ grafana_domain }}/access.log main;
error_log /var/log/nginx/{{ grafana_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ grafana_domain }}/fullchain.pem;
diff --git a/roles/kanboard/templates/nginx.d.conf.j2 b/roles/kanboard/templates/nginx.d.conf.j2
index 874e52d2f..bd2ca1f7f 100644
--- a/roles/kanboard/templates/nginx.d.conf.j2
+++ b/roles/kanboard/templates/nginx.d.conf.j2
@@ -7,7 +7,7 @@ server {
listen [::]:80;
server_name {{ kanboard_domain }};
- access_log /var/log/nginx/{{ kanboard_domain }}/access.log;
+ access_log /var/log/nginx/{{ kanboard_domain }}/access.log main;
error_log /var/log/nginx/{{ kanboard_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -22,7 +22,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ kanboard_domain }};
- access_log /var/log/nginx/{{ kanboard_domain }}/access.log;
+ access_log /var/log/nginx/{{ kanboard_domain }}/access.log main;
error_log /var/log/nginx/{{ kanboard_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ kanboard_domain }}/fullchain.pem;
diff --git a/roles/mailman/templates/nginx.d.conf.j2 b/roles/mailman/templates/nginx.d.conf.j2
index c742aa71e..d9fb708ca 100644
--- a/roles/mailman/templates/nginx.d.conf.j2
+++ b/roles/mailman/templates/nginx.d.conf.j2
@@ -3,7 +3,7 @@ server {
listen [::]:80;
server_name mailman.archlinux.org;
- access_log /var/log/nginx/{{ mailman_domain }}/access.log;
+ access_log /var/log/nginx/{{ mailman_domain }}/access.log main;
error_log /var/log/nginx/{{ mailman_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -18,7 +18,7 @@ server {
listen [::]:443 ssl http2;
server_name mailman.archlinux.org;
- access_log /var/log/nginx/{{ mailman_domain }}/access.log;
+ access_log /var/log/nginx/{{ mailman_domain }}/access.log main;
error_log /var/log/nginx/{{ mailman_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/mailman.archlinux.org/fullchain.pem;
diff --git a/roles/matrix/templates/nginx.d.conf.j2 b/roles/matrix/templates/nginx.d.conf.j2
index 271a9fb43..4eff48b77 100644
--- a/roles/matrix/templates/nginx.d.conf.j2
+++ b/roles/matrix/templates/nginx.d.conf.j2
@@ -7,7 +7,7 @@ server {
listen [::]:80;
server_name {{ matrix_domain }};
- access_log /var/log/nginx/{{ matrix_domain }}/access.log;
+ access_log /var/log/nginx/{{ matrix_domain }}/access.log main;
error_log /var/log/nginx/{{ matrix_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -22,7 +22,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ matrix_domain }};
- access_log /var/log/nginx/{{ matrix_domain }}/access.log;
+ access_log /var/log/nginx/{{ matrix_domain }}/access.log main;
error_log /var/log/nginx/{{ matrix_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ matrix_domain }}/fullchain.pem;
diff --git a/roles/nginx/templates/nginx.conf.j2 b/roles/nginx/templates/nginx.conf.j2
index f00e034f1..a12a8bf20 100644
--- a/roles/nginx/templates/nginx.conf.j2
+++ b/roles/nginx/templates/nginx.conf.j2
@@ -13,6 +13,10 @@ http {
include mime.types;
default_type application/octet-stream;
+ log_format main '$remote_addr $host $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for" $request_time';
+
sendfile on;
keepalive_timeout 65;
client_max_body_size 16M;
@@ -26,7 +30,7 @@ http {
index index.php index.html index.htm;
- access_log syslog:server=unix:/dev/log,nohostname,tag=nginx_http;
+ access_log syslog:server=unix:/dev/log,nohostname,tag=nginx_http main;
include snippets/sslsettings.conf;
diff --git a/roles/patchwork/templates/nginx.d.conf.j2 b/roles/patchwork/templates/nginx.d.conf.j2
index b42dd26a4..cd08601e9 100644
--- a/roles/patchwork/templates/nginx.d.conf.j2
+++ b/roles/patchwork/templates/nginx.d.conf.j2
@@ -7,7 +7,7 @@ server {
listen [::]:80;
server_name {{ patchwork_domain }};
- access_log /var/log/nginx/{{ patchwork_domain }}/access.log;
+ access_log /var/log/nginx/{{ patchwork_domain }}/access.log main;
error_log /var/log/nginx/{{ patchwork_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -22,7 +22,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ patchwork_domain }};
- access_log /var/log/nginx/{{ patchwork_domain }}/access.log;
+ access_log /var/log/nginx/{{ patchwork_domain }}/access.log main;
error_log /var/log/nginx/{{ patchwork_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ patchwork_domain }}/fullchain.pem;
diff --git a/roles/planet/templates/nginx.d.conf.j2 b/roles/planet/templates/nginx.d.conf.j2
index 2e2d841a2..507abd53f 100644
--- a/roles/planet/templates/nginx.d.conf.j2
+++ b/roles/planet/templates/nginx.d.conf.j2
@@ -3,7 +3,7 @@ server {
listen [::]:80;
server_name {{ planet_domain }};
- access_log /var/log/nginx/{{ planet_domain }}/access.log;
+ access_log /var/log/nginx/{{ planet_domain }}/access.log main;
error_log /var/log/nginx/{{ planet_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -18,7 +18,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ planet_domain }};
- access_log /var/log/nginx/{{ planet_domain }}/access.log;
+ access_log /var/log/nginx/{{ planet_domain }}/access.log main;
error_log /var/log/nginx/{{ planet_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ planet_domain }}/fullchain.pem;
diff --git a/roles/public_html/templates/nginx.d.conf.j2 b/roles/public_html/templates/nginx.d.conf.j2
index 034af8e11..b18798915 100644
--- a/roles/public_html/templates/nginx.d.conf.j2
+++ b/roles/public_html/templates/nginx.d.conf.j2
@@ -4,7 +4,7 @@ server {
server_name {{ public_domain }} www.{{ public_domain }};
root /srv/public_html;
- access_log /var/log/nginx/{{ public_domain }}/access.log;
+ access_log /var/log/nginx/{{ public_domain }}/access.log main;
error_log /var/log/nginx/{{ public_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -22,7 +22,7 @@ server {
server_name {{ public_domain }} www.{{ public_domain }};
root /srv/public_html;
- access_log /var/log/nginx/{{ public_domain }}/access.log;
+ access_log /var/log/nginx/{{ public_domain }}/access.log main;
error_log /var/log/nginx/{{ public_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ public_domain }}/fullchain.pem;
diff --git a/roles/security_tracker/templates/nginx.d.conf.j2 b/roles/security_tracker/templates/nginx.d.conf.j2
index c03b30c25..3163443ff 100644
--- a/roles/security_tracker/templates/nginx.d.conf.j2
+++ b/roles/security_tracker/templates/nginx.d.conf.j2
@@ -7,7 +7,7 @@ server {
listen [::]:80;
server_name {{ security_tracker_domain }};
- access_log /var/log/nginx/{{ security_tracker_domain }}/access.log;
+ access_log /var/log/nginx/{{ security_tracker_domain }}/access.log main;
error_log /var/log/nginx/{{ security_tracker_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -22,7 +22,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ security_tracker_domain }};
- access_log /var/log/nginx/{{ security_tracker_domain }}/access.log;
+ access_log /var/log/nginx/{{ security_tracker_domain }}/access.log main;
error_log /var/log/nginx/{{ security_tracker_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ security_tracker_domain }}/fullchain.pem;
diff --git a/roles/sources/templates/nginx.d.conf.j2 b/roles/sources/templates/nginx.d.conf.j2
index e596c8869..9f6f7d47c 100644
--- a/roles/sources/templates/nginx.d.conf.j2
+++ b/roles/sources/templates/nginx.d.conf.j2
@@ -3,7 +3,7 @@ server {
listen [::]:80;
server_name {{ sources_domain }};
- access_log /var/log/nginx/{{ sources_domain }}/access.log;
+ access_log /var/log/nginx/{{ sources_domain }}/access.log main;
error_log /var/log/nginx/{{ sources_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -18,7 +18,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ sources_domain }};
- access_log /var/log/nginx/{{ sources_domain }}/access.log;
+ access_log /var/log/nginx/{{ sources_domain }}/access.log main;
error_log /var/log/nginx/{{ sources_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ sources_domain }}/fullchain.pem;
diff --git a/roles/syncrepo/templates/nginx.d.conf.j2 b/roles/syncrepo/templates/nginx.d.conf.j2
index 1e69ceb4d..c6999a42b 100644
--- a/roles/syncrepo/templates/nginx.d.conf.j2
+++ b/roles/syncrepo/templates/nginx.d.conf.j2
@@ -4,7 +4,7 @@ server {
server_name {{ mirror_domain }};
root /srv/ftp;
- access_log /var/log/nginx/{{ mirror_domain }}/access.log;
+ access_log /var/log/nginx/{{ mirror_domain }}/access.log main;
error_log /var/log/nginx/{{ mirror_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -18,7 +18,7 @@ server {
server_name {{ mirror_domain }};
root /srv/ftp;
- access_log /var/log/nginx/{{ mirror_domain }}/access.log;
+ access_log /var/log/nginx/{{ mirror_domain }}/access.log main;
error_log /var/log/nginx/{{ mirror_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ mirror_domain }}/fullchain.pem;
diff --git a/roles/zabbix-server/templates/nginx.d.conf.j2 b/roles/zabbix-server/templates/nginx.d.conf.j2
index 6975bc54c..590b65537 100644
--- a/roles/zabbix-server/templates/nginx.d.conf.j2
+++ b/roles/zabbix-server/templates/nginx.d.conf.j2
@@ -7,7 +7,7 @@ server {
listen [::]:80;
server_name {{ zabbix_domain }};
- access_log /var/log/nginx/{{ zabbix_domain }}/access.log;
+ access_log /var/log/nginx/{{ zabbix_domain }}/access.log main;
error_log /var/log/nginx/{{ zabbix_domain }}/error.log;
include snippets/letsencrypt.conf;
@@ -22,7 +22,7 @@ server {
listen [::]:443 ssl http2;
server_name {{ zabbix_domain }};
- access_log /var/log/nginx/{{ zabbix_domain }}/access.log;
+ access_log /var/log/nginx/{{ zabbix_domain }}/access.log main;
error_log /var/log/nginx/{{ zabbix_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ zabbix_domain }}/fullchain.pem;
--
GitLab