Hello,
I use SWAG as reverse proxy, it works very well.
I use also Crowdsec and I had to separate some nginx app logs from the access.log, error.log etc… in order to not have false positive, and to use the app log itself generated by the app, not nginx.
For example, for Nextcloud, I set this in the server section:
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name nextcloud.*;
# Custom error files
access_log /config/log/nginx_not_crowdsec/access_nextcloud.log;
error_log /config/log/nginx_not_crowdsec/error_nextcloud.log;
...
}
But for every server for witch, I set the custom access_log and error_log path, no log rotation is done…
It’s ok in the /config/log/nginx/ path, there is log rotation.
Is it possible to have the log rotation too inside my /config/log/nginx_not_crowdsec/ path ? And how ?
Here the look of all log files inside this custom path:
Some log file are very huge
Thanks in advance for the help.
I may have find a way… but there is something I can’t do…
I created a file name nginx_custom_log with this:
/config/log/nginx_not_crowdsec/*.log {
size 5M
daily
rotate 7
compress
delaycompress
nodateext
notifempty
missingok
sharedscripts
postrotate
s6-svc -1 /run/service/svc-nginx
endscript
su abc abc
}
I mounted this file inside /etc/logrotate.d/ with the volume section in the docker-compose.yml:
volumes:
- /volume4/docker/swag_macvlan/config:/config
- /volume4/docker/swag_macvlan/etc-logrotate.d/nginx_custom_log:/etc/logrotate.d/nginx_custom_log
But after recreating the container, i tried to force the rotation,with:but I get an error:
root@Swag--DS920Plus:/# logrotate --force /etc/logrotate.d/nginx_custom_log
error: Ignoring /etc/logrotate.d/nginx_custom_log because the file owner is wrong (should be root or user with uid 0).
To get the command logrotate --force /etc/logrotate.d/nginx_custom_log working, I had to do this:
chown root: root /etc/logrotate.d/nginx_custom_log
And now, the logrotate is working fine.
But I’m wondering if this is durable… Is it ?
1 Like
