From 66a554a13b8a5006da43c3f9f885fc4b01b8a6c4 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 14 Mar 2024 23:59:42 +0100 Subject: [PATCH] core: configure log retention --- modules/core/default.nix | 1 + modules/core/logging.nix | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 modules/core/logging.nix diff --git a/modules/core/default.nix b/modules/core/default.nix index c4badf4..6615617 100644 --- a/modules/core/default.nix +++ b/modules/core/default.nix @@ -2,6 +2,7 @@ { imports = [ ./base.nix + ./logging.nix ./bacula.nix ./fail2ban.nix ./initrd-ssh.nix diff --git a/modules/core/logging.nix b/modules/core/logging.nix new file mode 100644 index 0000000..fc5d53a --- /dev/null +++ b/modules/core/logging.nix @@ -0,0 +1,36 @@ +{ pkgs, ... }: +{ + services.rsyslogd = { + enable = true; + defaultConfig = '' + :programname, isequal, "postfix" /var/log/postfix.log + + auth.* -/var/log/auth.log + ''; + }; + services.logrotate.configFile = pkgs.writeText "logrotate.conf" '' + weekly + missingok + notifempty + rotate 4 + "/var/log/postfix.log" { + compress + delaycompress + weekly + rotate 156 + dateext + dateformat .%Y-%m-%d + extension log + } + "/var/log/nginx/*.log" { + compress + delaycompress + weekly + postrotate + [ ! -f /var/run/nginx/nginx.pid ] || kill -USR1 `cat /var/run/nginx/nginx.pid` + endscript + rotate 26 + su nginx nginx + } + ''; +}