From fe9dcb2c18f59d3ae68b0a7a10e3d5c26881e361 Mon Sep 17 00:00:00 2001
From: pierreozoux <pierre@ozoux.net>
Date: Mon, 16 Feb 2015 16:33:03 +0000
Subject: [PATCH] Adds rsyslog, closes #14
---
dockerfiles/email/postfix/Dockerfile | 3 +--
dockerfiles/email/postfix/install.sh | 2 --
.../confd/confd/templates/haproxy.cfg.tmpl | 4 +++
dockerfiles/load-balancer/haproxy/Dockerfile | 2 +-
dockerfiles/load-balancer/haproxy/README.md | 2 --
dockerfiles/rsyslog/Dockerfile | 14 ++++++++++
dockerfiles/rsyslog/haproxy | 14 ++++++++++
dockerfiles/rsyslog/postfix | 14 ++++++++++
unit-files/haproxy.service | 2 ++
unit-files/mysql@.service | 1 +
unit-files/postfix.service | 2 ++
unit-files/rsyslog.service | 27 +++++++++++++++++++
unit-files/web@.service | 1 +
13 files changed, 81 insertions(+), 7 deletions(-)
create mode 100644 dockerfiles/rsyslog/Dockerfile
create mode 100644 dockerfiles/rsyslog/haproxy
create mode 100644 dockerfiles/rsyslog/postfix
create mode 100644 unit-files/rsyslog.service
diff --git a/dockerfiles/email/postfix/Dockerfile b/dockerfiles/email/postfix/Dockerfile
index c92381a..1759709 100644
--- a/dockerfiles/email/postfix/Dockerfile
+++ b/dockerfiles/email/postfix/Dockerfile
@@ -10,7 +10,6 @@ RUN apt-get update \
&& echo "postfix postfix/root_address string 'ROOTMAIL@EXAMPLE.COM'" | debconf-set-selections \
&& apt-get install -q -y \
postfix \
- rsyslog \
supervisor \
&& rm -rf /var/lib/apt/lists/*
@@ -18,7 +17,7 @@ COPY install.sh install.sh
RUN chmod 755 /install.sh
-VOLUME ["/var/spool/mail", "/var/log"]
+VOLUME ["/var/spool/mail"]
EXPOSE 25
diff --git a/dockerfiles/email/postfix/install.sh b/dockerfiles/email/postfix/install.sh
index a4e30bd..d08694b 100755
--- a/dockerfiles/email/postfix/install.sh
+++ b/dockerfiles/email/postfix/install.sh
@@ -16,8 +16,6 @@ command = /etc/init.d/postfix start
startsecs = 0
autorestart = false
-[program:rsyslog]
-command=/usr/sbin/rsyslogd -n
EOF
# put the same FQDN in /data/hostname and in reverse DNS
diff --git a/dockerfiles/load-balancer/confd/confd/templates/haproxy.cfg.tmpl b/dockerfiles/load-balancer/confd/confd/templates/haproxy.cfg.tmpl
index 3962074..c534eaa 100644
--- a/dockerfiles/load-balancer/confd/confd/templates/haproxy.cfg.tmpl
+++ b/dockerfiles/load-balancer/confd/confd/templates/haproxy.cfg.tmpl
@@ -1,4 +1,6 @@
global
+ log /dev/log local0 info
+ log /dev/log local0 notice
maxconn 4096
user haproxy
group haproxy
@@ -6,6 +8,7 @@ global
ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
defaults
+ log global
mode http
option forwardfor
option httpclose
@@ -16,6 +19,7 @@ defaults
timeout client 50000
timeout server 50000
+
frontend https-in
mode http
bind *:443 ssl no-sslv3 crt-list /etc/haproxy/crt-list crt /etc/haproxy/approved-certs/default.pem
diff --git a/dockerfiles/load-balancer/haproxy/Dockerfile b/dockerfiles/load-balancer/haproxy/Dockerfile
index 991ba67..d82471e 100644
--- a/dockerfiles/load-balancer/haproxy/Dockerfile
+++ b/dockerfiles/load-balancer/haproxy/Dockerfile
@@ -10,7 +10,7 @@ RUN \
VOLUME ["/etc/haproxy"]
ENTRYPOINT ["haproxy"]
-CMD ["-d", "-f", "/etc/haproxy/haproxy.cfg"]
+CMD ["-f", "/etc/haproxy/haproxy.cfg"]
EXPOSE 80
EXPOSE 443
diff --git a/dockerfiles/load-balancer/haproxy/README.md b/dockerfiles/load-balancer/haproxy/README.md
index e839cc6..e98557c 100644
--- a/dockerfiles/load-balancer/haproxy/README.md
+++ b/dockerfiles/load-balancer/haproxy/README.md
@@ -4,8 +4,6 @@ The smallest HAproxy docker image in town ;)
## Run
-This image will log everything to stdout/stderr. Somehow, it respects 12-Factor App. But it uses the debug flag of HAProxy. If you have a better idea, please read this [blog post](http://pierre-o.fr/blog/2014/08/27/haproxy-coreos/) first.
-
```bash
docker run\
-v /haproxy-config:/etc/haproxy\
diff --git a/dockerfiles/rsyslog/Dockerfile b/dockerfiles/rsyslog/Dockerfile
new file mode 100644
index 0000000..96ff42c
--- /dev/null
+++ b/dockerfiles/rsyslog/Dockerfile
@@ -0,0 +1,14 @@
+FROM debian:jessie
+
+ENV DEBIAN_FRONTEND noninteractive
+RUN apt-get update && \
+ apt-get install -q -y rsyslog && \
+ rm -rf /var/lib/apt/lists/*
+
+ADD haproxy /etc/logrotate.d/haproxy
+ADD postfix /etc/logrotate.d/postfix
+
+VOLUME [ "/dev", "/var/log" ]
+
+ENTRYPOINT [ "rsyslogd", "-n" ]
+
diff --git a/dockerfiles/rsyslog/haproxy b/dockerfiles/rsyslog/haproxy
new file mode 100644
index 0000000..9bba22f
--- /dev/null
+++ b/dockerfiles/rsyslog/haproxy
@@ -0,0 +1,14 @@
+/var/log/haproxy*.log
+{
+ rotate 4
+ weekly
+ missingok
+ notifempty
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ reload rsyslog >/dev/null 2>&1 || true
+ endscript
+}
+
diff --git a/dockerfiles/rsyslog/postfix b/dockerfiles/rsyslog/postfix
new file mode 100644
index 0000000..79fdf3f
--- /dev/null
+++ b/dockerfiles/rsyslog/postfix
@@ -0,0 +1,14 @@
+/var/log/mail.*
+{
+ rotate 4
+ weekly
+ missingok
+ notifempty
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ reload rsyslog >/dev/null 2>&1 || true
+ endscript
+}
+
diff --git a/unit-files/haproxy.service b/unit-files/haproxy.service
index 6345b4c..0a55ca9 100644
--- a/unit-files/haproxy.service
+++ b/unit-files/haproxy.service
@@ -6,6 +6,7 @@ Requires=docker.service
# Dependency ordering
After=docker.service
+After=rsyslog.service
[Service]
Restart=always
@@ -16,6 +17,7 @@ ExecStartPre=-/usr/bin/docker rm %p
ExecStart=/usr/bin/docker run \
--rm \
--name %p \
+ -v /data/runtime/dev/log:/dev/log \
-v /data/runtime/haproxy:/etc/haproxy \
-p 80:80 \
-p 443:443 \
diff --git a/unit-files/mysql@.service b/unit-files/mysql@.service
index 5892aec..ce276a0 100644
--- a/unit-files/mysql@.service
+++ b/unit-files/mysql@.service
@@ -34,6 +34,7 @@ ExecStartPre=/bin/bash -euxc ' \
ExecStart=/opt/bin/systemd-docker run \
--rm \
--name %p-%i \
+ -v /data/runtime/domains/%i/log/mysql:/var/log/mysql \
-v /data/runtime/domains/%i/%p/db_files:/var/lib/mysql \
--env-file /data/domains/%i/%p/.env \
pierreozoux/mysql
diff --git a/unit-files/postfix.service b/unit-files/postfix.service
index 3ccc0cb..4518078 100644
--- a/unit-files/postfix.service
+++ b/unit-files/postfix.service
@@ -6,6 +6,7 @@ Requires=docker.service
# Dependency ordering
After=docker.service
+After=rsyslog.service
[Service]
Restart=always
@@ -16,6 +17,7 @@ ExecStartPre=-/usr/bin/docker rm %p
ExecStart=/usr/bin/docker run \
--rm \
--name %p \
+ -v /data/runtime/dev/log:/dev/log \
-v /data/runtime/postfix/:/data \
-p 25:25 \
pierreozoux/postfix
diff --git a/unit-files/rsyslog.service b/unit-files/rsyslog.service
new file mode 100644
index 0000000..7c5d058
--- /dev/null
+++ b/unit-files/rsyslog.service
@@ -0,0 +1,27 @@
+[Unit]
+Description=%p
+
+# Requirements
+Requires=docker.service
+
+# Dependency ordering
+After=docker.service
+
+[Service]
+Restart=always
+RestartSec=20
+TimeoutStartSec=0
+ExecStartPre=-/usr/bin/docker kill %p
+ExecStartPre=-/usr/bin/docker rm %p
+ExecStart=/usr/bin/docker run \
+ --rm \
+ --name rsyslog \
+ -v /data/runtime/dev:/dev \
+ -v /data/runtime/log:/var/log \
+ pierreozoux/rsyslog
+ExecReload=/usr/bin/docker restart %p
+ExecStop=/usr/bin/docker stop %p
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/unit-files/web@.service b/unit-files/web@.service
index 7000533..5dbd89f 100644
--- a/unit-files/web@.service
+++ b/unit-files/web@.service
@@ -27,6 +27,7 @@ ExecStart=/bin/bash -euxc ' \
/opt/bin/systemd-docker --env run \
--rm \
--name %i \
+ -v /data/runtime/domains/%i/log/apache2:/var/log/apache2 \
${DOCKER_ARGUMENTS} \
pierreozoux/${APPLICATION}'
ExecReload=/usr/bin/docker restart %i
--
GitLab