Skip to content

Stop logging IPs to storage#299

Merged
missytake merged 6 commits intomainfrom
hagi/no-logs
May 19, 2024
Merged

Stop logging IPs to storage#299
missytake merged 6 commits intomainfrom
hagi/no-logs

Conversation

@hagenest
Copy link
Copy Markdown
Contributor

@hagenest hagenest commented May 18, 2024

closes #294

@hagenest hagenest self-assigned this May 18, 2024
@hagenest hagenest marked this pull request as ready for review May 18, 2024 14:34
@hagenest hagenest marked this pull request as draft May 18, 2024 14:41
@hagenest
Copy link
Copy Markdown
Contributor Author

hagenest commented May 18, 2024

tested deployment on c2.testrun.org manually, nginx logs are now in journald. But: journald is still keeping logs, even after a reboot :| I'll investigate

@hagenest
Copy link
Copy Markdown
Contributor Author

hagenest commented May 18, 2024

nvm, it actually works, but it still showed the logs created before setting journalctl to volatile

@hagenest hagenest marked this pull request as ready for review May 18, 2024 15:10
@hagenest hagenest requested review from link2xt and missytake May 18, 2024 15:10
@hagenest
Copy link
Copy Markdown
Contributor Author

hagenest commented May 18, 2024

missed one commit, was part of the test tho

link2xt
link2xt reviewed May 18, 2024
View reviewed changes
Comment thread cmdeploy/src/cmdeploy/nginx/nginx.conf.j2 Outdated
worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
error_log stderr;
Copy link
Copy Markdown
Contributor

@link2xt link2xt May 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why error_log goes to stderr and access_log goes to syslog?

Copy link
Copy Markdown
Contributor Author

@hagenest hagenest May 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

stderr goes automatically into journald, but with the correct facility as far as I understood it

Copy link
Copy Markdown
Contributor Author

@hagenest hagenest May 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

so errors are facility 3 (error) and access_logs are per default facility local7 (news)

Copy link
Copy Markdown
Contributor

@link2xt link2xt May 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But you can set facility=local3: https://nginx.org/en/docs/syslog.html
I think it's easier to understand if everything goes to syslog with explicitly set facility.

Copy link
Copy Markdown
Contributor Author

@hagenest hagenest May 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also fine by me. I'll change it

Copy link
Copy Markdown
Contributor

@link2xt link2xt May 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Otherwise if we decided to setup rsyslog or something else to listen on syslog, logging directly to stderr will bypass it

Copy link
Copy Markdown
Contributor Author

@hagenest hagenest May 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@missytake missytake merged commit 4e65291 into main May 19, 2024
@missytake missytake deleted the hagi/no-logs branch May 19, 2024 15:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@link2xt link2xt link2xt left review comments

@missytake missytake missytake approved these changes

Assignees

@hagenest hagenest

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Stop logging IP addresses

3 participants

@hagenest @link2xt @missytake