feat: fix access_logd + provide default database
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful

This commit is contained in:
f 2023-01-21 20:14:57 -03:00
parent 45092d15ae
commit ae0c039c5b
3 changed files with 21 additions and 1 deletions

View file

@ -3,7 +3,7 @@ ARG BASE_IMAGE=sutty/monit
MAINTAINER "f <f@sutty.nl>"
ARG ACCESS_LOGS_FLAGS="--database=sqlite3:///root/development.sqlite3 -c /usr/share/crawler-user-agents/crawler-user-agents.json"
ARG ACCESS_LOGS_FLAGS="--database=sqlite3:///var/log/access_log.sqlite3 -c /usr/share/crawler-user-agents/crawler-user-agents.json"
@ -17,7 +17,9 @@ RUN addgroup nginx ssl
COPY ./monit.conf /etc/monit.d/nginx.conf
COPY ./prometheusd.sh /usr/local/bin/prometheusd
COPY ./access_logd.sh /usr/bin/access_logd
COPY ./nginx /etc/nginx
COPY ./access_log.sqlite3 /var/lib/access_log.sqlite3
# Install modules after rewriting /etc/nginx
RUN apk add --no-cache nginx-mod-http-brotli nginx-mod-http-geoip2
@ -27,6 +29,11 @@ RUN mv /etc/nginx/access_logd_`access_log -v`.conf /etc/nginx/access_logd.conf
RUN chown -R nginx:nginx /etc/nginx
RUN nginx -t
# access_logd runs as nobody but the socket can be written to by nginx
RUN delgroup nobody nobody
RUN addgroup nobody www-data
RUN chown nobody:www-data /var/lib/access_log.sqlite3
# Shared configuration
VOLUME /etc/nginx/sites
VOLUME /etc/letsencrypt

access_log.sqlite3 Normal file

Binary file not shown.

access_logd.sh Executable file
View file

@ -0,0 +1,13 @@
# Fail if there are no options provided
test -n "$ACCESS_LOGS_FLAGS" || exit 1
# Give write access to Nginx
umask 007
# Copy default database
install -m 640 /var/lib/access_log.sqlite3 /var/log/access_log.sqlite3
# Read from fifo and load into database
daemonize -p /run/access_logd.pid -u nobody /usr/bin/access_log $ACCESS_LOGS_FLAGS