From a737d2675e2c37690c106f2ada27d7bec8c6efa1 Mon Sep 17 00:00:00 2001
From: Girish Ramakrishnan <girish@cloudron.io>
Date: Tue, 30 Jul 2019 14:47:33 -0700
Subject: [PATCH] Fix logrotation rules

* explicitly specify the dirs that are getting rotated
* app log rules are now moved to logrotate.ejs
* we keep task logs for a week

Some testing notes:
* touch -d "10 days ago" foo
* logrotate /etc/logrotate.conf -v to test rotation. there is a state
file created in /var/lib/logrotate/status. If we have a 'daily' rule,
it will get processed only after a log line in status exists and it's atleast
1 day old timestamp.

https://github.com/logrotate/logrotate/blob/master/logrotate.c is quite
readable
---
 setup/start.sh                 |  2 +-
 setup/start/logrotate/app      | 18 ------------------
 setup/start/logrotate/box      |  3 ++-
 setup/start/logrotate/platform | 31 +++++++++++++++++++++++++++++++
 src/apptask.js                 |  2 +-
 src/logrotate.ejs              | 28 ++++++++++++++++++++--------
 6 files changed, 55 insertions(+), 29 deletions(-)
 delete mode 100644 setup/start/logrotate/app
 create mode 100644 setup/start/logrotate/platform

diff --git a/setup/start.sh b/setup/start.sh
index 6d75d2e21..42107c32a 100755
--- a/setup/start.sh
+++ b/setup/start.sh
@@ -122,8 +122,8 @@ echo "==> Configuring logrotate"
 if ! grep -q "^include ${PLATFORM_DATA_DIR}/logrotate.d" /etc/logrotate.conf; then
     echo -e "\ninclude ${PLATFORM_DATA_DIR}/logrotate.d\n" >> /etc/logrotate.conf
 fi
+rm -f "${PLATFORM_DATA_DIR}/logrotate.d/"*
 cp "${script_dir}/start/logrotate/"* "${PLATFORM_DATA_DIR}/logrotate.d/"
-rm -f "${PLATFORM_DATA_DIR}/logrotate.d/box-logrotate" "${PLATFORM_DATA_DIR}/logrotate.d/app-logrotate" # remove pre 3.6 config files
 
 # logrotate files have to be owned by root, this is here to fixup existing installations where we were resetting the owner to yellowtent
 chown root:root "${PLATFORM_DATA_DIR}/logrotate.d/"
diff --git a/setup/start/logrotate/app b/setup/start/logrotate/app
deleted file mode 100644
index acc28eeb4..000000000
--- a/setup/start/logrotate/app
+++ /dev/null
@@ -1,18 +0,0 @@
-# logrotate config for app, crash, addon and task logs
-
-# man 7 glob
-/home/yellowtent/platformdata/logs/[!t][!a][!s][!k][!s]/*.log {
-    # only keep one rotated file, we currently do not send that over the api
-    rotate 1
-    size 10M
-    # we never compress so we can simply tail the files
-    nocompress
-    copytruncate
-}
-
-/home/yellowtent/platformdata/logs/tasks/*.log {
-    monthly
-    rotate 0
-    missingok
-}
-
diff --git a/setup/start/logrotate/box b/setup/start/logrotate/box
index b0f195db6..bb3294070 100644
--- a/setup/start/logrotate/box
+++ b/setup/start/logrotate/box
@@ -1,7 +1,8 @@
 # logrotate config for box logs
 
+# keep upto 5 logs of size 10M each
 /home/yellowtent/platformdata/logs/box.log {
-    rotate 10
+    rotate 5
     size 10M
     # we never compress so we can simply tail the files
     nocompress
diff --git a/setup/start/logrotate/platform b/setup/start/logrotate/platform
new file mode 100644
index 000000000..0fef1911c
--- /dev/null
+++ b/setup/start/logrotate/platform
@@ -0,0 +1,31 @@
+# logrotate config for app, crash, addon and task logs
+
+# man 7 glob
+/home/yellowtent/platformdata/logs/graphite/*.log
+/home/yellowtent/platformdata/logs/mail/*.log
+/home/yellowtent/platformdata/logs/mysql/*.log
+/home/yellowtent/platformdata/logs/mongodb/*.log
+/home/yellowtent/platformdata/logs/postgresql/*.log
+/home/yellowtent/platformdata/logs/sftp/*.log
+/home/yellowtent/platformdata/logs/redis-*/*.log
+/home/yellowtent/platformdata/logs/crash/*.log
+/home/yellowtent/platformdata/logs/updater/*.log {
+    # only keep one rotated file, we currently do not send that over the api
+    rotate 1
+    size 10M
+    missingok
+    # we never compress so we can simply tail the files
+    nocompress
+    copytruncate
+}
+
+# keep task logs for a week. the 'nocreate' option ensures empty log files are not
+# created post rotation
+/home/yellowtent/platformdata/logs/tasks/*.log {
+    minage 7
+    daily
+    rotate 0
+    missingok
+    nocreate
+}
+
diff --git a/src/apptask.js b/src/apptask.js
index f67953d82..fcb2eda01 100644
--- a/src/apptask.js
+++ b/src/apptask.js
@@ -232,7 +232,7 @@ function addLogrotateConfig(app, callback) {
         if (!runVolume) return callback(new Error('App does not have /run mounted'));
 
         // logrotate configs can have arbitrary commands, so the config files must be owned by root
-        var logrotateConf = ejs.render(LOGROTATE_CONFIG_EJS, { volumePath: runVolume.Source });
+        var logrotateConf = ejs.render(LOGROTATE_CONFIG_EJS, { volumePath: runVolume.Source, appId: app.id });
         var tmpFilePath = path.join(os.tmpdir(), app.id + '.logrotate');
         fs.writeFile(tmpFilePath, logrotateConf, function (error) {
             if (error) return callback(error);
diff --git a/src/logrotate.ejs b/src/logrotate.ejs
index d422255a6..e2d97ccc0 100644
--- a/src/logrotate.ejs
+++ b/src/logrotate.ejs
@@ -1,11 +1,23 @@
-# Generated by apptask for the /run mount
+# Generated by apptask
 
+# keep upto 7 rotated logs. rotation triggered daily or ahead of time if size is > 1M
 <%= volumePath %>/*.log <%= volumePath %>/*/*.log <%= volumePath %>/*/*/*.log {
-  rotate 7
-  daily
-  compress
-  maxsize=1M
-  missingok
-  delaycompress
-  copytruncate
+    rotate 7
+    daily
+    compress
+    maxsize 1M
+    missingok
+    delaycompress
+    copytruncate
 }
+
+/home/yellowtent/platformdata/logs/<%= appId %>/*.log {
+    # only keep one rotated file, we currently do not send that over the api
+    rotate 1
+    size 10M
+    missingok
+    # we never compress so we can simply tail the files
+    nocompress
+    copytruncate
+}
+