Adds rsyslog, closes #14

fe9dcb2c · Pierre Ozoux · 1c5be94b · fe9dcb2c · fe9dcb2c · fe9dcb2c
Commit fe9dcb2c authored 10 years ago by Pierre Ozoux
--- a/dockerfiles/email/postfix/Dockerfile
+++ b/dockerfiles/email/postfix/Dockerfile
@@ -10,7 +10,6 @@ RUN apt-get update \
 	&& echo "postfix postfix/root_address string 'ROOTMAIL@EXAMPLE.COM'" | debconf-set-selections \
 	&& apt-get install -q -y \
 		postfix \
-		rsyslog \
 		supervisor \
 	&& rm -rf /var/lib/apt/lists/*

@@ -18,7 +17,7 @@ COPY install.sh install.sh

 RUN chmod 755 /install.sh

-VOLUME ["/var/spool/mail", "/var/log"]
+VOLUME ["/var/spool/mail"]

 EXPOSE 25


--- a/dockerfiles/email/postfix/install.sh
+++ b/dockerfiles/email/postfix/install.sh
@@ -16,8 +16,6 @@ command = /etc/init.d/postfix start
 startsecs = 0
 autorestart = false

-[program:rsyslog]
-command=/usr/sbin/rsyslogd -n
 EOF

 # put the same FQDN in /data/hostname and in reverse DNS

--- a/dockerfiles/load-balancer/confd/confd/templates/haproxy.cfg.tmpl
+++ b/dockerfiles/load-balancer/confd/confd/templates/haproxy.cfg.tmpl
 global
+  log /dev/log local0 info
+  log /dev/log local0 notice
  maxconn 4096
  user haproxy
  group haproxy
@@ -6,6 +8,7 @@ global
  ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

 defaults
+  log global
  mode http
  option forwardfor
  option httpclose
@@ -16,6 +19,7 @@ defaults
  timeout client 50000
  timeout server 50000

+
 frontend https-in
 mode http
  bind *:443 ssl no-sslv3 crt-list /etc/haproxy/crt-list crt /etc/haproxy/approved-certs/default.pem

--- a/dockerfiles/load-balancer/haproxy/Dockerfile
+++ b/dockerfiles/load-balancer/haproxy/Dockerfile
@@ -10,7 +10,7 @@ RUN \

 VOLUME ["/etc/haproxy"]
 ENTRYPOINT ["haproxy"]
-CMD ["-d", "-f", "/etc/haproxy/haproxy.cfg"]
+CMD ["-f", "/etc/haproxy/haproxy.cfg"]
 EXPOSE 80
 EXPOSE 443

--- a/dockerfiles/load-balancer/haproxy/README.md
+++ b/dockerfiles/load-balancer/haproxy/README.md
@@ -4,8 +4,6 @@ The smallest HAproxy docker image in town ;)

 ## Run

-This image will log everything to stdout/stderr. Somehow, it respects 12-Factor App. But it uses the debug flag of HAProxy. If you have a better idea, please read this [blog post](http://pierre-o.fr/blog/2014/08/27/haproxy-coreos/) first.
-
 ```bash
 docker run\
  -v /haproxy-config:/etc/haproxy\

--- a/dockerfiles/rsyslog/Dockerfile
+++ b/dockerfiles/rsyslog/Dockerfile
+FROM debian:jessie
+
+ENV DEBIAN_FRONTEND noninteractive
+RUN apt-get update && \
+    apt-get install -q -y rsyslog && \
+    rm -rf /var/lib/apt/lists/*
+
+ADD haproxy /etc/logrotate.d/haproxy
+ADD postfix /etc/logrotate.d/postfix
+
+VOLUME [ "/dev", "/var/log" ]
+
+ENTRYPOINT [ "rsyslogd", "-n" ]
+
--- a/dockerfiles/rsyslog/haproxy
+++ b/dockerfiles/rsyslog/haproxy
+/var/log/haproxy*.log
+{
+    rotate 4
+    weekly
+    missingok
+    notifempty
+    compress
+    delaycompress
+    sharedscripts
+    postrotate
+        reload rsyslog >/dev/null 2>&1 || true
+    endscript
+}
+
--- a/dockerfiles/rsyslog/postfix
+++ b/dockerfiles/rsyslog/postfix
+/var/log/mail.*
+{
+    rotate 4
+    weekly
+    missingok
+    notifempty
+    compress
+    delaycompress
+    sharedscripts
+    postrotate
+        reload rsyslog >/dev/null 2>&1 || true
+    endscript
+}
+
--- a/unit-files/haproxy.service
+++ b/unit-files/haproxy.service
@@ -6,6 +6,7 @@ Requires=docker.service

 # Dependency ordering
 After=docker.service
+After=rsyslog.service

 [Service]
 Restart=always
@@ -16,6 +17,7 @@ ExecStartPre=-/usr/bin/docker rm %p
 ExecStart=/usr/bin/docker run \
  --rm \
  --name %p \
+  -v /data/runtime/dev/log:/dev/log \
  -v /data/runtime/haproxy:/etc/haproxy \
  -p 80:80 \
  -p 443:443 \

--- a/unit-files/mysql@.service
+++ b/unit-files/mysql@.service
@@ -34,6 +34,7 @@ ExecStartPre=/bin/bash -euxc ' \
 ExecStart=/opt/bin/systemd-docker run \
  --rm \
  --name %p-%i \
+  -v /data/runtime/domains/%i/log/mysql:/var/log/mysql \
  -v /data/runtime/domains/%i/%p/db_files:/var/lib/mysql \
  --env-file /data/domains/%i/%p/.env \
  pierreozoux/mysql

--- a/unit-files/postfix.service
+++ b/unit-files/postfix.service
@@ -6,6 +6,7 @@ Requires=docker.service

 # Dependency ordering
 After=docker.service
+After=rsyslog.service

 [Service]
 Restart=always
@@ -16,6 +17,7 @@ ExecStartPre=-/usr/bin/docker rm %p
 ExecStart=/usr/bin/docker run \
  --rm \
  --name %p \
+  -v /data/runtime/dev/log:/dev/log \
  -v /data/runtime/postfix/:/data \
  -p 25:25 \
  pierreozoux/postfix

--- a/unit-files/rsyslog.service
+++ b/unit-files/rsyslog.service
+[Unit]
+Description=%p
+
+# Requirements
+Requires=docker.service
+
+# Dependency ordering
+After=docker.service
+
+[Service]
+Restart=always
+RestartSec=20
+TimeoutStartSec=0
+ExecStartPre=-/usr/bin/docker kill %p
+ExecStartPre=-/usr/bin/docker rm %p
+ExecStart=/usr/bin/docker run \
+  --rm \
+  --name rsyslog \
+  -v /data/runtime/dev:/dev \
+  -v /data/runtime/log:/var/log \
+  pierreozoux/rsyslog
+ExecReload=/usr/bin/docker restart %p
+ExecStop=/usr/bin/docker stop %p
+
+[Install]
+WantedBy=multi-user.target
+
--- a/unit-files/web@.service
+++ b/unit-files/web@.service
@@ -27,6 +27,7 @@ ExecStart=/bin/bash -euxc ' \
  /opt/bin/systemd-docker --env run \
    --rm \
    --name %i \
+    -v /data/runtime/domains/%i/log/apache2:/var/log/apache2 \
    ${DOCKER_ARGUMENTS} \
    pierreozoux/${APPLICATION}'
 ExecReload=/usr/bin/docker restart %i