add logrotate config; switch to new loop syntax

2019-01-30 22:35:57 +01:00 · 2019-01-30 22:35:57 +01:00 · 1889eedd0e
parent f84f00edf0
commit 1889eedd0e
6 changed files with 33 additions and 6 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -38,7 +38,7 @@ matrix_lvm_enabled: False
 matrix_base_dir: "/opt/matrix"
 matrix_conf_dir: "{{ matrix_base_dir }}/config"
 matrix_data_dir: "{{ matrix_base_dir }}/data"
-matrix_log_dir: "{{ matrix_base_dir }}/logs"
+matrix_log_dir: "{{ matrix_base_dir }}/log"

 matrix_log_file_level: INFO
 matrix_log_console_level: ERROR
@ -47,6 +47,16 @@ matrix_log_synapse_sql_level: INFO
 matrix_log_ldap_level: INFO
 matrix_log_ldap_auth_level: INFO

+matrix_logrotate_enabled: False
+matrix_logrotate_config:
+  - log: "{{ matrix_log_dir }}/homeserver.log"
+    options:
+      - weekly
+      - rotate 4
+      - maxsize 250K
+      - compress
+      - shred
+
 matrix_server_url: example.com
 matrix_client_url: https://matrix.example.com

--- a/tasks/install.yml
+++ b/tasks/install.yml
@ -65,6 +65,13 @@
        dest: "/etc/systemd/system/matrix.service"
      notify: __matrix_restart

+    - name: Copy logrotate config
+      template:
+        src: "etc/logrotate.d/config.j2"
+        dest: "/etc/logrotate.d/matrix"
+      loop: "{{ matrix_logrotate_config }}"
+      when: matrix_logrotate_enabled
+
    - name: Open ports in iptables
      iptables_raw:
        name: "{{ item.name }}"
@ -72,7 +79,7 @@
        state: "{{ item.state }}"
        weight: "{{ item.weight | default(omit) }}"
        table: "{{ item.table | default(omit) }}"
-      with_items: "{{ matrix_open_ports }}"
+      loop: "{{ matrix_open_ports }}"
      loop_control:
        label: "{{ item.name }}"
      when: matrix_iptables_enabled
--- a/tasks/nginx.yml
+++ b/tasks/nginx.yml
@ -5,7 +5,7 @@
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        mode: "{{ item.mode }}"
-      with_items:
+      loop:
        - { src: "{{ matrix_tls_key_source }}", dest: '/etc/pki/tls/private/{{ matrix_nginx_tls_key_file }}', mode: '0600' }
        - { src: "{{ matrix_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ matrix_nginx_tls_cert_file }}', mode: '0750' }
      loop_control:
--- a/tasks/tls.yml
+++ b/tasks/tls.yml
@ -7,7 +7,7 @@
        owner: "{{ matrix_user }}"
        group: "{{ matrix_group }}"
        recurse: True
-      with_items:
+      loop:
        - "{{ matrix_tls_dhparam_path | dirname }}"
        - "{{ matrix_tls_cert_path | dirname }}"
        - "{{ matrix_tls_key_path | dirname }}"
@ -20,7 +20,7 @@
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        mode: "{{ item.mode }}"
-      with_items:
+      loop:
        - { src: "{{ matrix_tls_key_source }}", dest: '{{ matrix_tls_key_path }}', mode: '0600' }
        - { src: "{{ matrix_tls_cert_source }}", dest: '{{ matrix_tls_cert_path }}', mode: '0650' }
      loop_control:
--- a/templates/etc/logrotate.d/config.j2
+++ b/templates/etc/logrotate.d/config.j2
@ -0,0 +1,10 @@
+#jinja2: lstrip_blocks: True
+# {{ ansible_managed }}
+{{ item.log }} {
+  {% for option in item.options %}
+  {{ option }}
+  {% endfor %}
+  postrotate
+    /usr/bin/pkill -HUP rsyslogd
+  endscript
+}
--- a/templates/etc/systemd/system/matrix.service.j2
+++ b/templates/etc/systemd/system/matrix.service.j2
@ -1,5 +1,5 @@
 #jinja2: lstrip_blocks: True
-## {{ ansible_managed }}
+# {{ ansible_managed }}
 [Unit]
 Description=Synapse Matrix homeserver