forked from evolix/ansible-roles
userlogrotate: new version, with separate conf file
This commit is contained in:
parent
204b8af59b
commit
81849c6537
|
@ -23,6 +23,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
* nagios-nrpe: add a NRPE check-local command with completion.
|
* nagios-nrpe: add a NRPE check-local command with completion.
|
||||||
* policy_pam: New role allowing to manage password policy with pam_pwquality & pam_pwhistory
|
* policy_pam: New role allowing to manage password policy with pam_pwquality & pam_pwhistory
|
||||||
* userlogrotate: rotate also php.log.
|
* userlogrotate: rotate also php.log.
|
||||||
|
* userlogrotate: new version, with separate conf file
|
||||||
* docker-host: added var for user namespace setting
|
* docker-host: added var for user namespace setting
|
||||||
* dovecot: fix old_stats plugin for Dovecot 2.3.
|
* dovecot: fix old_stats plugin for Dovecot 2.3.
|
||||||
* dovecot: add Munin plugins dovecot1 and dovecot_stats (patched)
|
* dovecot: add Munin plugins dovecot1 and dovecot_stats (patched)
|
||||||
|
|
|
@ -1,58 +1,125 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Userlogrotate rotates logs in custom paths.
|
||||||
|
# The difference with logrotate is that it sets
|
||||||
|
# the owner:group according to the location of each log.
|
||||||
|
|
||||||
|
CONF_PATH="/etc/evolinux/userlogrotate.conf" # optional file
|
||||||
|
|
||||||
|
# Default conf
|
||||||
|
DELETE_AFTER_RETENTION_DAYS="false" # values: true | false
|
||||||
|
RETENTION_DAYS=365 # only applies if $RETENTION_DAYS == "true"
|
||||||
|
SYSTEM_LOGS_SEARCH_PATHS=( # will chown root:$user
|
||||||
|
/home/*/log
|
||||||
|
)
|
||||||
|
APPLICATIVE_LOGS_SEARCH_PATHS=( # will chown $user:$user
|
||||||
|
/home/*/www/{,current/}log
|
||||||
|
)
|
||||||
|
SYSTEM_LOG_NAMES=(access.log access-*.log error.log php.log)
|
||||||
|
APPLICATIVE_LOG_NAMES=(production.log delayed_job.log development.log test.log)
|
||||||
|
DRY_RUN=false # do echo instead of executing, values: true | false
|
||||||
|
|
||||||
|
############################################################
|
||||||
|
|
||||||
DATE="$(/bin/date +"%Y-%m-%d")"
|
DATE="$(/bin/date +"%Y-%m-%d")"
|
||||||
HOMEPREFIX="/home"
|
|
||||||
|
if [ -f "${CONF_PATH}" ]; then
|
||||||
|
source "${CONF_PATH}"
|
||||||
|
fi
|
||||||
|
|
||||||
rotate () {
|
rotate () {
|
||||||
mv $1 $1.$DATE
|
if [ ${DRY_RUN} == "false" ]; then
|
||||||
touch $1
|
mv $1 $1.${DATE}
|
||||||
chown $2 $1
|
touch $1
|
||||||
chmod g+r $1
|
chown $2 $1
|
||||||
|
chmod g+r $1
|
||||||
|
else
|
||||||
|
echo "Move $1 to $1.${DATE}"
|
||||||
|
echo "Change $1 owner to $2"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
user_for() {
|
user_for() {
|
||||||
homedir="$(echo $1 | sed "s#\($HOMEPREFIX/\([^/]\+\)\).*#\1#")"
|
stat -L -c '%G' $1
|
||||||
stat -L -c '%G' $homedir
|
|
||||||
}
|
}
|
||||||
|
|
||||||
for log in access.log access-*.log error.log php.log; do
|
delete_old() {
|
||||||
for i in $(ls -1 -d $HOMEPREFIX/*/log/$log 2>/dev/null | grep -v \.bak\.); do
|
if [ ${DELETE_AFTER_RETENTION_DAYS} == "true" ]; then
|
||||||
USER="$(user_for $i)"
|
if [ ${DRY_RUN} == "false" ]; then
|
||||||
rotate $i root:$USER
|
find $1/ -ctime +${RETENTION_DAYS} -delete # slash is needed!
|
||||||
done
|
else
|
||||||
|
echo "Delete files:"
|
||||||
|
find $1/ -ctime +${RETENTION_DAYS}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
compress() {
|
||||||
|
if [ ${DRY_RUN} == "false" ]; then
|
||||||
|
gzip "$1"
|
||||||
|
else
|
||||||
|
echo "Gzipping $1"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
for path in ${SYSTEM_LOGS_SEARCH_PATHS[@]}; do
|
||||||
|
for log_name in ${SYSTEM_LOG_NAMES[@]}; do
|
||||||
|
log_paths=$(ls -1 -d ${path}/${log_name} 2>/dev/null | grep -v \.bak\.)
|
||||||
|
for file in ${log_paths}; do
|
||||||
|
user="$(user_for "${file}")"
|
||||||
|
rotate "${file}" root:"${user}"
|
||||||
|
delete_old "$(dirname "${file}")"
|
||||||
|
done
|
||||||
|
done
|
||||||
done
|
done
|
||||||
|
|
||||||
for log in production.log delayed_job.log development.log test.log; do
|
for path in ${APPLICATIVE_LOGS_SEARCH_PATHS[@]}; do
|
||||||
for i in $(ls -1 -d $HOMEPREFIX/*/www/{,current/}log/$log 2>/dev/null | grep -v \.bak\.); do
|
for log_name in ${APPLICATIVE_LOG_NAMES[@]}; do
|
||||||
USER="$(user_for $i)"
|
log_paths=$(ls -1 -d ${path}/${log_name} 2>/dev/null | grep -v \.bak\.)
|
||||||
rotate $i $USER:$USER
|
for file in ${log_paths}; do
|
||||||
done
|
user="$(user_for "${file}")"
|
||||||
|
rotate "${file}" "${user}":"${user}"
|
||||||
|
delete_old "$(dirname "${file}")"
|
||||||
|
done
|
||||||
|
done
|
||||||
done
|
done
|
||||||
|
|
||||||
test -x /usr/sbin/apache2ctl && if /etc/init.d/apache2 status > /dev/null ; then \
|
if [ -x /usr/sbin/apache2ctl ] && /etc/init.d/apache2 status > /dev/null ; then
|
||||||
/etc/init.d/apache2 reload > /dev/null; \
|
if [ ${DRY_RUN} == "false" ]; then
|
||||||
fi;
|
/etc/init.d/apache2 reload > /dev/null
|
||||||
|
else
|
||||||
|
echo "Reloading Apache"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
test -x /usr/sbin/nginx && invoke-rc.d nginx rotate >/dev/null 2>&1
|
if [ -x /usr/sbin/nginx ]; then
|
||||||
|
if [ ${DRY_RUN} == "false" ]; then
|
||||||
|
invoke-rc.d nginx rotate >/dev/null 2>&1
|
||||||
|
else
|
||||||
|
echo "Reloading Nginx"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
# Zipping is done after web server reload, so that the file descriptor is released.
|
# Zipping is done after web server reload, so that the file descriptor is released.
|
||||||
# Else, an error is raised (gzip file size changed while zipping)
|
# Else, an error is raised (gzip file size changed while zipping)
|
||||||
# and logs written during the zipping process might be lost.
|
# and logs written during the zipping process might be lost.
|
||||||
|
|
||||||
for log in access.log*[!\.gz] access-*.log*[!\.gz] error.log*[!\.gz]; do
|
for path in ${SYSTEM_LOGS_SEARCH_PATHS[@]}; do
|
||||||
for i in $(ls -1 -d $HOMEPREFIX/*/log/$log 2>/dev/null | grep -v \.bak\.); do
|
for log_name in ${SYSTEM_LOG_NAMES[@]}; do
|
||||||
if test -f "$i"; then
|
to_compress_paths=$(ls -1 -d ${path}/${log_name}*[!\.gz] 2>/dev/null | grep -v \.bak\.)
|
||||||
gzip "$i"
|
for file in ${to_compress_paths}; do
|
||||||
fi
|
compress "${file}"
|
||||||
done
|
done
|
||||||
|
done
|
||||||
done
|
done
|
||||||
|
|
||||||
for log in production.log*[!\.gz] delayed_job.log*[!\.gz] development.log*[!\.gz] test.log*[!\.gz]; do
|
for path in ${APPLICATIVE_LOGS_SEARCH_PATHS[@]}; do
|
||||||
for i in $(ls -1 -d $HOMEPREFIX/*/www/{,current/}log/$log 2>/dev/null | grep -v \.bak\.); do
|
for log_name in ${APPLICATIVE_LOG_NAMES[@]}; do
|
||||||
if test -f "$i"; then
|
compressed_paths=$(ls -1 -d ${path}/${log_name}*[!\.gz] 2>/dev/null | grep -v \.bak\.)
|
||||||
gzip "$i"
|
for file in ${compressed_paths}; do
|
||||||
fi
|
compress "${file}"
|
||||||
done
|
done
|
||||||
|
done
|
||||||
done
|
done
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
|
|
Loading…
Reference in a new issue