From ae0c039c5bda00426eb1a7570abdf8eef43066d9 Mon Sep 17 00:00:00 2001 From: f Date: Sat, 21 Jan 2023 20:14:57 -0300 Subject: [PATCH] feat: fix access_logd + provide default database --- Dockerfile | 9 ++++++++- access_log.sqlite3 | Bin 0 -> 45056 bytes access_logd.sh | 13 +++++++++++++ 3 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 access_log.sqlite3 create mode 100755 access_logd.sh diff --git a/Dockerfile b/Dockerfile index f571cd3..4f47a86 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG BASE_IMAGE=sutty/monit FROM ${BASE_IMAGE}:${ALPINE_VERSION} MAINTAINER "f " -ARG ACCESS_LOGS_FLAGS="--database=sqlite3:///root/development.sqlite3 -c /usr/share/crawler-user-agents/crawler-user-agents.json" +ARG ACCESS_LOGS_FLAGS="--database=sqlite3:///var/log/access_log.sqlite3 -c /usr/share/crawler-user-agents/crawler-user-agents.json" ENV ACCESS_LOGS_FLAGS=${ACCESS_LOGS_FLAGS} @@ -17,7 +17,9 @@ RUN addgroup nginx ssl COPY ./monit.conf /etc/monit.d/nginx.conf COPY ./prometheusd.sh /usr/local/bin/prometheusd +COPY ./access_logd.sh /usr/bin/access_logd COPY ./nginx /etc/nginx +COPY ./access_log.sqlite3 /var/lib/access_log.sqlite3 # Install modules after rewriting /etc/nginx RUN apk add --no-cache nginx-mod-http-brotli nginx-mod-http-geoip2 @@ -27,6 +29,11 @@ RUN mv /etc/nginx/access_logd_`access_log -v`.conf /etc/nginx/access_logd.conf RUN chown -R nginx:nginx /etc/nginx RUN nginx -t +# access_logd runs as nobody but the socket can be written to by nginx +RUN delgroup nobody nobody +RUN addgroup nobody www-data +RUN chown nobody:www-data /var/lib/access_log.sqlite3 + # Shared configuration VOLUME /etc/nginx/sites VOLUME /etc/letsencrypt diff --git a/access_log.sqlite3 b/access_log.sqlite3 new file mode 100644 index 0000000000000000000000000000000000000000..21840f687669bf7945d09cf6533d8d88042ab46d GIT binary patch literal 45056 zcmeI#O>g5w7zgkqP2)7HYKw#vakE?r5s7!iaRp^JNEO)@N-MFa(bSnZ7LLa|o-7Fx zha5Qb4fq}$`9xef@{H58(>7ygujU^qX;RP2GrxKN@rO~Yg+GyM#uzC3O-$rlm_lEb+)4#o6y>92XPHX??_FwHI z`X^ox_`eIRx;?M|^0>MBC{D*>QG75Sh9b{dBBPwilufnHm{f5Tr`D4v&o722mqY*b z?8WdWKd8zX_~&PSVC4_|4+5*?V6b}s!0U4g<;opOBxIa@&c_{fGkPI|eG}saB6-J$Tz#tzxRfwG$6k?|NSUiXwjIj=1QHc`g*= zkw~?L+T9`02f4S#_b|<1+41_%DXRC}QRSNJd2R*c?GVg5)7BVn9t~FA{mOB##Ot}p zHJhv03ZSz?09MYeQP|H1S=;MBBZWh^!u<&LcZh&;Y^~Y+e~|Ba{jaFTcic5jB}v^a z1MMBEG+DORSv(m0ao+U$$H&b-h340ZJ!!3aS~vAvo_sSJK3pz(w91SF|LpwIKf4-@ z{O>PLU!GjN^1mCt`jDQj>wm*lIOWQJG5q%AYP3#ip3ZU+2L2?Gbk=zIj0XK18uyu! zT81(Sd{-fxewztBl@v-10Mx9Jj2b8AM$PGV7FS*#jnh-5UnTuxRZ zRvoLII^k(FrxmZF>`d`!#w!wqJe&$u7r_0${(X!VLI45~fB*y_009U< L00Izz00jO6uhl_} literal 0 HcmV?d00001 diff --git a/access_logd.sh b/access_logd.sh new file mode 100755 index 0000000..9739c18 --- /dev/null +++ b/access_logd.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +# Fail if there are no options provided +test -n "$ACCESS_LOGS_FLAGS" || exit 1 + +# Give write access to Nginx +umask 007 + +# Copy default database +install -m 640 /var/lib/access_log.sqlite3 /var/log/access_log.sqlite3 + +# Read from fifo and load into database +daemonize -p /run/access_logd.pid -u nobody /usr/bin/access_log $ACCESS_LOGS_FLAGS