Commit 39071e7a authored by Florian Pritz's avatar Florian Pritz
Browse files

common: Add syslog-ng and logrotate



journal logs are nice and all, but they are comparatively large and
(mostly) uncompressed. This way we at can at least maintain logs for a
reasonable time frame to investigate issues even if the journal decided
that it has to clean up "old" logs.

The logrotate config uses an archive directory to rotate logs to for
stricter permissions on old logs to increase data protection (EU GDPR).
Signed-off-by: Florian Pritz's avatarFlorian Pritz <bluewind@xinu.at>
parent daec2ae2
......@@ -8,3 +8,6 @@
- name: systemd daemon-reload
command: systemctl daemon-reload
- name: restart syslog-ng
service: name=syslog-ng@default state=restarted
......@@ -77,11 +77,36 @@
notify:
- restarted journald
- name: install syslog-ng
pacman: name=syslog-ng state=present
- name: configure syslog-ng
template: src=syslog-ng.conf.j2 dest=/etc/syslog-ng/syslog-ng.conf owner=root group=root mode=0600
notify:
- restart syslog-ng
- name: configure syslog-ng default config
template: src=syslog-ng@default.j2 dest=/etc/default/syslog-ng@default owner=root group=root mode=0644
notify:
- restart syslog-ng
- name: start syslog-ng
service: name=syslog-ng@default state=started enabled=yes
- name: install system.conf
template: src=system.conf.j2 dest=/etc/systemd/system.conf owner=root group=root mode=0644
notify:
- systemd daemon-reload
- name: install logrotate
pacman: name=logrotate state=present
- name: configure logrotate
template: src=logrotate.conf.j2 dest=/etc/logrotate.conf owner=root group=root mode=0644
- name: enable logrotate timer
service: name=logrotate.timer state=started enabled=yes
- name: create zsh directory
file: path=/root/.zsh state=directory owner=root group=root mode=0700
......
# see "man logrotate" for details
# rotate log files weekly
daily
# keep 30 days worth of backlogs
rotate 30
# restrict maximum size of log files
size 200M
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
compress
# Ignore pacman saved files
tabooext + .pacorig .pacnew .pacsave
# Arch packages drop log rotation information into this directory
include /etc/logrotate.d
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
@version: 3.17
@include "scl.conf"
#
# /etc/syslog-ng/syslog-ng.conf
#
options {
stats_freq (0);
flush_lines (0);
time_reopen (10);
log_fifo_size (10000);
chain_hostnames (off);
use_dns (no);
use_fqdn (no);
create_dirs (no);
keep_hostname (yes);
perm(0640);
group("log");
};
source src {
system();
internal();
};
destination d_everything { file("/var/log/everything.log"); };
log { source(src); destination(d_everything); };
CONFIG_FILE=/etc/syslog-ng/syslog-ng.conf
PERSIST_FILE=/var/lib/syslog-ng/syslog-ng.persist
CONTROL_FILE=/var/lib/syslog-ng/syslog-ng.ctl
PID_FILE=/run/syslog-ng.pid
OTHER_OPTIONS="--enable-core"
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment