refactor ♻️: Refactor logrotate configuration for better organization and maintainability.
Some checks failed
ansible-lint / Ansible Lint (push) Failing after 6s
Gitleaks Scan / gitleaks (push) Successful in 5s
ai-reviews / Review PR (pull_request) Successful in 37s
Markdown Lint / markdown-lint (push) Successful in 5s
ansible-lint / Ansible Lint (pull_request) Failing after 6s
Gitleaks Scan / gitleaks (pull_request) Successful in 4s
Markdown Lint / markdown-lint (pull_request) Successful in 5s
Some checks failed
ansible-lint / Ansible Lint (push) Failing after 6s
Gitleaks Scan / gitleaks (push) Successful in 5s
ai-reviews / Review PR (pull_request) Successful in 37s
Markdown Lint / markdown-lint (push) Successful in 5s
ansible-lint / Ansible Lint (pull_request) Failing after 6s
Gitleaks Scan / gitleaks (pull_request) Successful in 4s
Markdown Lint / markdown-lint (pull_request) Successful in 5s
This commit refactors the logrotate configuration by installing and customizing policies, replacing the logrotate command with a service restart in handlers, and adding new templates for Proxmox firewall and general logs. This improves the overall structure and manageability of the logrotate settings.
This commit is contained in:
@@ -1,111 +1,30 @@
|
||||
---
|
||||
|
||||
- name: logrotate | Configure all main Proxmox logs
|
||||
|
||||
vars:
|
||||
proxmox_logrotate_files:
|
||||
- /etc/logrotate.conf
|
||||
- /etc/logrotate.d/pve
|
||||
- /etc/logrotate.d/pve-firewall
|
||||
loop: "{{ proxmox_logrotate_files }}"
|
||||
loop_control:
|
||||
loop_var: item
|
||||
|
||||
block:
|
||||
|
||||
- name: logrotate | Check if exists {{ item }}
|
||||
ansible.builtin.stat:
|
||||
path: "{{ item }}"
|
||||
register: logrotate_file
|
||||
|
||||
- name: logrotate | Configure {{ item }}
|
||||
when: logrotate_file.stat.exists
|
||||
block:
|
||||
|
||||
- name: logrotate | Backup once {{ item }}
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ item }}.original"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
remote_src: true
|
||||
args:
|
||||
creates: "{{ item }}.original"
|
||||
|
||||
- name: logrotate | Ensure daily rotation
|
||||
ansible.builtin.replace:
|
||||
path: "{{ item }}"
|
||||
regexp: '^\s*weekly'
|
||||
replace: 'daily'
|
||||
notify: Logrotate reload
|
||||
|
||||
- name: logrotate | Set rotate (number of retained logs)
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ item }}"
|
||||
regexp: '^(\s*rotate\s+).*'
|
||||
line: ' rotate {{ proxmox_logrotate_rotate }}'
|
||||
state: present
|
||||
insertafter: '^\s*daily'
|
||||
notify: Logrotate reload
|
||||
|
||||
- name: logrotate | Ensure maxsize is set
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ item }}"
|
||||
regexp: '^(\s*maxsize\s+).*'
|
||||
line: ' maxsize {{ proxmox_logrotate_maxsize }}'
|
||||
state: present
|
||||
insertafter: '^\s*rotate'
|
||||
notify: Logrotate reload
|
||||
|
||||
- name: logrotate | Ensure Compress
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ item }}"
|
||||
regexp: '^\s*compress\b'
|
||||
line: ' compress'
|
||||
state: present
|
||||
insertafter: '^\s*maxsize'
|
||||
notify: Logrotate reload
|
||||
|
||||
- name: logrotate | Ensure delaycompress
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ item }}"
|
||||
regexp: '^\s*delaycompress\b'
|
||||
line: ' delaycompress'
|
||||
state: present
|
||||
insertafter: '^\s*compress'
|
||||
notify: Logrotate reload
|
||||
|
||||
# only for logrotate.conf
|
||||
|
||||
- name: logrotate | Uncomment dateext if commented
|
||||
ansible.builtin.replace:
|
||||
path: /etc/logrotate.conf
|
||||
regexp: '^\s*#\s*(dateext)\b'
|
||||
replace: '\1'
|
||||
notify: Logrotate reload
|
||||
|
||||
- name: logrotate | Uncomment compress if commented
|
||||
ansible.builtin.replace:
|
||||
path: /etc/logrotate.conf
|
||||
regexp: '^\s*#\s*(compress)\b'
|
||||
replace: '\1'
|
||||
notify: Logrotate reload
|
||||
|
||||
- name: logrotate | Ensure missingok is present
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/logrotate.conf
|
||||
regexp: '^\s*missingok\b'
|
||||
line: 'missingok'
|
||||
- name: "Proxmox | Ensure logrotate is installed"
|
||||
ansible.builtin.apt:
|
||||
name: logrotate
|
||||
state: present
|
||||
insertafter: EOF
|
||||
notify: Logrotate reload
|
||||
update_cache: yes
|
||||
become: true
|
||||
when: proxmox_logrotate_enabled
|
||||
|
||||
- name: logrotate | Ensure notifempty is present
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/logrotate.conf
|
||||
regexp: '^\s*notifempty\b'
|
||||
line: 'notifempty'
|
||||
state: present
|
||||
insertafter: EOF
|
||||
notify: Logrotate reload
|
||||
- name: logrotate | pve logrotate policy
|
||||
ansible.builtin.template:
|
||||
src: pve-logrotate.j2
|
||||
dest: "/etc/logrotate.d/99-pve-custom"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
become: true
|
||||
when: proxmox_logrotate_enabled
|
||||
notify: Restart logrotate
|
||||
|
||||
- name: logrotate | pve-firewall logrotate policy
|
||||
ansible.builtin.template:
|
||||
src: pve-firewall-logrotate.j2
|
||||
dest: "/etc/logrotate.d/99-pve-firewall-custom"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
become: true
|
||||
when: proxmox_logrotate_enabled
|
||||
notify: Restart logrotate
|
||||
|
||||
Reference in New Issue
Block a user