improved logging with rsyslog
parent
6e3c2ddcc2
commit
aaef370079
|
@ -11,7 +11,7 @@ COPY scripts/ /opt/scripts
|
|||
COPY fail2ban/ /opt/fail2ban
|
||||
COPY logs/ /opt/logs
|
||||
|
||||
RUN apk --no-cache add php7-fpm certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban clamav apache2-utils && \
|
||||
RUN apk --no-cache add php7-fpm certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban clamav apache2-utils rsyslog && \
|
||||
chmod +x /opt/entrypoint.sh /opt/scripts/* && \
|
||||
mkdir /opt/entrypoint.d && \
|
||||
adduser -h /dev/null -g '' -s /sbin/nologin -D -H nginx
|
||||
|
|
|
@ -11,7 +11,7 @@ COPY scripts/ /opt/scripts
|
|||
COPY fail2ban/ /opt/fail2ban
|
||||
COPY logs/ /opt/logs
|
||||
|
||||
RUN apk --no-cache add php7-fpm certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban clamav apache2-utils && \
|
||||
RUN apk --no-cache add php7-fpm certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban clamav apache2-utils rsyslog && \
|
||||
chmod +x /opt/entrypoint.sh /opt/scripts/* && \
|
||||
mkdir /opt/entrypoint.d && \
|
||||
adduser -h /dev/null -g '' -s /sbin/nologin -D -H nginx
|
||||
|
|
|
@ -18,7 +18,7 @@ COPY scripts/ /opt/scripts
|
|||
COPY fail2ban/ /opt/fail2ban
|
||||
COPY logs/ /opt/logs
|
||||
|
||||
RUN apk --no-cache add php7-fpm certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban clamav apache2-utils && \
|
||||
RUN apk --no-cache add php7-fpm certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban clamav apache2-utils rsyslog && \
|
||||
chmod +x /opt/entrypoint.sh /opt/scripts/* && \
|
||||
mkdir /opt/entrypoint.d && \
|
||||
adduser -h /dev/null -g '' -s /sbin/nologin -D -H nginx
|
||||
|
|
|
@ -11,7 +11,7 @@ COPY scripts/ /opt/scripts
|
|||
COPY fail2ban/ /opt/fail2ban
|
||||
COPY logs/ /opt/logs
|
||||
|
||||
RUN apk --no-cache add php7-fpm certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban clamav apache2-utils && \
|
||||
RUN apk --no-cache add php7-fpm certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban clamav apache2-utils rsyslog && \
|
||||
chmod +x /opt/entrypoint.sh /opt/scripts/* && \
|
||||
mkdir /opt/entrypoint.d && \
|
||||
adduser -h /dev/null -g '' -s /sbin/nologin -D -H nginx
|
||||
|
|
|
@ -12,9 +12,6 @@ worker_processes auto;
|
|||
# faster regexp
|
||||
pcre_jit on;
|
||||
|
||||
# display warnings and errors on stderr
|
||||
error_log stderr warn;
|
||||
|
||||
# config files for dynamic modules
|
||||
include /etc/nginx/modules/*.conf;
|
||||
|
||||
|
@ -64,9 +61,9 @@ http {
|
|||
# get real IP address if behind a reverse proxy
|
||||
%PROXY_REAL_IP%
|
||||
|
||||
# write logs to local syslogd
|
||||
access_log syslog:server=unix:/dev/log,nohostname,facility=local0 combined;
|
||||
error_log syslog:server=unix:/dev/log,nohostname,facility=local0,severity=warn;
|
||||
# write logs to local syslog
|
||||
access_log syslog:server=unix:/dev/log,nohostname,facility=local0,severity=notice combined;
|
||||
error_log syslog:server=unix:/dev/log,nohostname,facility=local0 warn;
|
||||
|
||||
# lua path
|
||||
lua_package_path "/usr/local/lib/lua/?.lua;;";
|
||||
|
|
|
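Review bot: The split between access and error entries now rests on syslog severity alone: on what appears to be the new side, `access_log` is tagged `severity=notice` and `error_log` is left at level `warn`, so the error log never emits at notice. That holds only while the level stays at `warn` or stricter; if it is later lowered to `notice` or `info`, error-log messages at notice severity would (judging by the rsyslog selectors added in this commit) be routed into the file fail2ban parses. A comment above the two directives would protect the invariant, e.g. `# access_log must stay the only local0 source at severity notice; rsyslog routes local0.=notice to the file fail2ban reads`. Separately, the first hunk drops the main-context `error_log stderr warn;`, so messages logged outside the `http` block presumably fall back to nginx's built-in default error log rather than stderr or syslog.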
@ -50,7 +50,7 @@ function spaces_to_lua() {
|
|||
cp /opt/confs/*.conf /etc/nginx
|
||||
cp -r /opt/confs/owasp-crs /etc/nginx
|
||||
cp /opt/confs/php.ini /etc/php7/php.ini
|
||||
cp /opt/logs/syslog.conf /etc/syslog.conf
|
||||
cp /opt/logs/rsyslog.conf /etc/rsyslog.conf
|
||||
cp /opt/logs/logrotate.conf /etc/logrotate.conf
|
||||
|
||||
# remove cron jobs
|
||||
|
@ -484,8 +484,8 @@ if [ "$WRITE_ACCESS" = "yes" ] ; then
|
|||
chmod g+w -R /www
|
||||
fi
|
||||
|
||||
# start syslogd
|
||||
syslogd -S
|
||||
# start rsyslogd
|
||||
rsyslogd
|
||||
|
||||
# start PHP
|
||||
if [ "$USE_PHP" = "yes" ] ; then
|
||||
|
@ -500,8 +500,11 @@ crond
|
|||
# start nginx
|
||||
echo "[*] Running nginx ..."
|
||||
/usr/sbin/nginx
|
||||
if [ ! -f "/var/log/nginx.log" ] ; then
|
||||
touch /var/log/nginx.log
|
||||
if [ ! -f "/var/log/access.log" ] ; then
|
||||
touch /var/log/access.log
|
||||
fi
|
||||
if [ ! -f "/var/log/error.log" ] ; then
|
||||
touch /var/log/error.log
|
||||
fi
|
||||
if [ ! -f "/var/log/php.log" ] && [ "$USE_PHP" = "yes" ] ; then
|
||||
touch /var/log/php.log
|
||||
|
@ -519,9 +522,9 @@ echo "0 0 * * * logrotate -f /etc/logrotate.conf > /dev/null 2>&1" >> /etc/cront
|
|||
|
||||
# display logs
|
||||
if [ "$USE_PHP" = "yes" ] ; then
|
||||
tail -f /var/log/nginx.log /var/log/php.log &
|
||||
tail -f /var/log/access.log /var/log/error.log /var/log/php.log &
|
||||
else
|
||||
tail -f /var/log/nginx.log &
|
||||
tail -f /var/log/access.log /var/log/error.log &
|
||||
fi
|
||||
wait $!
|
||||
|
||||
|
|
|
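Review bot: The `touch /var/log/access.log` and `touch /var/log/error.log` calls in the third hunk run after `/usr/sbin/nginx` has already started, and they create the files with the shell's umask rather than the `0600` mode the new rsyslog.conf sets for files it creates. Whichever of rsyslogd and `touch` gets there first decides the permissions of files that hold client addresses and request lines. Creating them before `rsyslogd` is launched, e.g. `( umask 077 ; touch /var/log/access.log /var/log/error.log )`, keeps the mode consistent and removes the race. `rsyslogd` in the second hunk is also started without checking its exit status; if it fails, nginx presumably has no `/dev/log` to write to and fail2ban watches an empty file, so a visible error such as `rsyslogd || echo "[!] rsyslogd failed to start"` is worth adding. The script continues outside every hunk shown.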
@ -2,6 +2,6 @@
|
|||
before = common.conf
|
||||
|
||||
[Definition]
|
||||
failregex = .* nginx: <HOST> - .* \[.*\] ".*" (%FAIL2BAN_STATUS_CODES%) .* ".*" ".*"
|
||||
failregex = <HOST> - .* \[.*\] ".*" (%FAIL2BAN_STATUS_CODES%) .* ".*" ".*"
|
||||
ignoreregex =
|
||||
datepattern = %%d/%%b/%%Y:%%H:%%M:%%S
|
||||
|
|
|
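Review bot: The new `failregex` is unanchored and built almost entirely from greedy `.*`, so where in the line it matches, and therefore which address `<HOST>` captures, is not pinned to the client-address field, while the request line, referer and user agent on that same line are client-controlled. Since the rsyslog template added in this commit appears to strip the syslog prefix so that each line begins with the address, the pattern can be anchored and tightened: `failregex = ^<HOST> - \S+ \[[^\]]*\] "[^"]*" (%FAIL2BAN_STATUS_CODES%) \d+ "[^"]*" "[^"]*"$`. This assumes nginx's default escaping of `"` inside logged variables and the `combined` format, so it should be checked with `fail2ban-regex` against real log lines before it replaces the current pattern.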
@ -4,4 +4,4 @@ findtime = %FAIL2BAN_FINDTIME%
|
|||
maxretry = %FAIL2BAN_MAXRETRY%
|
||||
enabled = true
|
||||
action = nginx-action
|
||||
logpath = /var/log/nginx.log
|
||||
logpath = /var/log/access.log
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
#### Global directives ####
|
||||
|
||||
# Sets the directory that rsyslog uses for work files.
|
||||
$WorkDirectory /var/lib/rsyslog
|
||||
|
||||
# Sets default permissions for all log files.
|
||||
$FileOwner root
|
||||
$FileGroup root
|
||||
$FileCreateMode 0600
|
||||
$DirCreateMode 0700
|
||||
$Umask 0077
|
||||
|
||||
# Include all config files in /etc/rsyslog.d/.
|
||||
include(file="/etc/rsyslog.d/*.conf" mode="optional")
|
||||
|
||||
#### Modules ####
|
||||
|
||||
# Provides --MARK-- message capability.
|
||||
module(load="immark")
|
||||
|
||||
# Provides support for local system logging (e.g. via logger command).
|
||||
module(load="imuxsock")
|
||||
|
||||
# Nginx
|
||||
$template rawFormat,"%msg:2:2048%\n"
|
||||
local0.=notice /var/log/access.log;rawFormat
|
||||
local0.*;local0.!=notice /var/log/error.log;rawFormat
|
||||
|
||||
# PHP
|
||||
local1.* /var/log/php.log
|
|
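Review bot: `rawFormat` cuts every message at 2048 characters (`%msg:2:2048%`), so an access-log entry with a long URI, referer or user agent is written without its tail. The fail2ban filter changed in this commit expects the whole combined-format line, so truncated entries would presumably not be counted towards a ban. If the cap is not intentional, `$template rawFormat,"%msg:2:$%\n"` keeps the leading-space strip and writes the message to its end; if it is intentional, a comment such as `# cap at 2048 chars; longer lines will not match the fail2ban filter` should say so.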
@ -1,2 +0,0 @@
|
|||
local0.* /var/log/nginx.log
|
||||
local1.* /var/log/php.log
|