This brings it in line with the non-JSON "reduced" log format.

Andrea Denisse Gómez Martínez authored 3 years ago and Jelle van der Waa committed 3 years ago

Closes #317.

Kristian Klausen authored 3 years ago and Jelle van der Waa committed 3 years ago

A extra access_log entry was added with the following commands:
$ cd roles
$ grep -lr access_log | xargs -P 1 -n 1 sed -i '/access_log/ s/\(.*\)\( \)\(\(reduced\|main\);$\)/\1 \3\n\1.json json_\3/'

This is much cleaner because the nginx role does not have to set the
fastcgi_cache variable to "false" by default, which was overridden by
host_vars/apollo.archlinux.org to "wiki", but the value was still
hardcoded in the config.

At first, I was wondering that the cache "zone" name should be
generalized to improve the configuration (from the original per-host to
per-service), but that would be an overkill since the fastcgi cache is
used only for the wiki...

This allows you to add snippets for toplevel nginx configuration directives that can't go into the http level.
Use this for loading modules and such.

These are static requests for JS/CSS assets which are the topmost
request for the wiki. Caching these in nginx helps a lot to turn down
the load.

This is changed globally because it is probably fine for other services
too.

Some AUR RPC requests apparently manage to hit the 4k default limit and
if they do, they get an empty response. This is an easier fix to the
problam than  changing the maximum request length in each AUR helper.

Signed-off-by: Florian Pritz <bluewind@xinu.at>

This is mostly to resolve issues on luna where nginx is hitting the
limit, but the higher limit won't hurt other machines so I'm not putting
it in a variable for now.

Signed-off-by: Florian Pritz <bluewind@xinu.at>

Signed-off-by: Florian Pritz <bluewind@xinu.at>

For proxy/fastcgi/uwsgi blocks, logging is still set to the old format,
but for everything else (= static data) a reduced format is used that
excludes items that no longer make sense (request_time, remote_user) and
those that are personal information all the time (remote_addr, http_x_forwarded_for).

Signed-off-by: Florian Pritz <bluewind@xinu.at>

Chrome reports that our JavaScript is not compressed with gzip/brotli,
this is due to chrome receiving javascript as application type:
application/javascript.

This is the same as used on luna and as expected by the zabbix nginx
monitoring service.

Signed-off-by: Florian Pritz <bluewind@xinu.at>

Suppress nginx's stdout/stderr because it's not possible to stop nginx
from logging to stderr once it has been enabled, and it's enabled by
default (via compilation option).

Move the error_log to the root context as it applies to more than http.

The logrotate setup installed by nginx doesn't actually rotate the text
log files we've been using.

planet and sources roles still install configs that use text log files.

The settings don't hurt normal http connections if they are defined at
the top level.

Signed-off-by: Florian Pritz <bluewind@xinu.at>