From 2f68667893c1c5d6b68040e13d7ccde1a775ec4f Mon Sep 17 00:00:00 2001 From: bunkerity Date: Tue, 27 Oct 2020 21:33:05 +0100 Subject: [PATCH] logrotate copytruncate --- Dockerfile | 4 +++- Dockerfile-amd64 | 4 +++- Dockerfile-arm32v7 | 4 +++- Dockerfile-arm64v8 | 4 +++- Dockerfile-i386 | 4 +++- examples/basic-website-with-php/docker-compose.yml | 2 +- logs/logrotate.conf | 3 +++ 7 files changed, 19 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 74bde7d..142c3b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,9 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c mkdir /opt/entrypoint.d && \ rm -f /var/log/nginx/* && \ chown root:nginx /var/log/nginx && \ - chmod 770 /var/log/nginx + chmod 750 /var/log/nginx && \ + touch /var/log/nginx/error.log /var/log/nginx/modsec_audit.log && \ + chown nginx:nginx /var/log/nginx/*.log VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs diff --git a/Dockerfile-amd64 b/Dockerfile-amd64 index b15929d..7c6c405 100644 --- a/Dockerfile-amd64 +++ b/Dockerfile-amd64 @@ -18,7 +18,9 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c mkdir /opt/entrypoint.d && \ rm -f /var/log/nginx/* && \ chown root:nginx /var/log/nginx && \ - chmod 770 /var/log/nginx + chmod 750 /var/log/nginx && \ + touch /var/log/nginx/error.log /var/log/nginx/modsec_audit.log && \ + chown nginx:nginx /var/log/nginx/*.log VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs diff --git a/Dockerfile-arm32v7 b/Dockerfile-arm32v7 index a88e22e..384e370 100644 --- a/Dockerfile-arm32v7 +++ b/Dockerfile-arm32v7 @@ -25,7 +25,9 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c mkdir /opt/entrypoint.d && \ rm -f /var/log/nginx/* && \ chown root:nginx /var/log/nginx && \ - chmod 770 /var/log/nginx + chmod 750 /var/log/nginx && \ + touch /var/log/nginx/error.log /var/log/nginx/modsec_audit.log && \ + chown nginx:nginx /var/log/nginx/*.log VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs diff --git a/Dockerfile-arm64v8 b/Dockerfile-arm64v8 index 5a23df5..d4d3200 100644 --- a/Dockerfile-arm64v8 +++ b/Dockerfile-arm64v8 @@ -25,7 +25,9 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c mkdir /opt/entrypoint.d && \ rm -f /var/log/nginx/* && \ chown root:nginx /var/log/nginx && \ - chmod 770 /var/log/nginx + chmod 750 /var/log/nginx && \ + touch /var/log/nginx/error.log /var/log/nginx/modsec_audit.log && \ + chown nginx:nginx /var/log/nginx/*.log VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs diff --git a/Dockerfile-i386 b/Dockerfile-i386 index 67c02da..28a1a11 100644 --- a/Dockerfile-i386 +++ b/Dockerfile-i386 @@ -18,7 +18,9 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c mkdir /opt/entrypoint.d && \ rm -f /var/log/nginx/* && \ chown root:nginx /var/log/nginx && \ - chmod 770 /var/log/nginx + chmod 750 /var/log/nginx && \ + touch /var/log/nginx/error.log /var/log/nginx/modsec_audit.log && \ + chown nginx:nginx /var/log/nginx/*.log VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs diff --git a/examples/basic-website-with-php/docker-compose.yml b/examples/basic-website-with-php/docker-compose.yml index 085ba3b..4615b2b 100644 --- a/examples/basic-website-with-php/docker-compose.yml +++ b/examples/basic-website-with-php/docker-compose.yml @@ -7,7 +7,7 @@ services: restart: always ports: - 80:8080 - - 443:88888443 + - 443:8443 volumes: - ./web-files:/www - ./letsencrypt:/etc/letsencrypt diff --git a/logs/logrotate.conf b/logs/logrotate.conf index 735f626..32df410 100644 --- a/logs/logrotate.conf +++ b/logs/logrotate.conf @@ -17,4 +17,7 @@ # mininum size of a logfile before rotating minsize %LOGROTATE_MINSIZE% + + # make a copy and truncate the files + copytruncate }