From 9917af7fe0e394d854a8e9548ac0a040cfc44621 Mon Sep 17 00:00:00 2001 From: Dominique Martinet Date: Fri, 11 Feb 2022 17:09:52 +0900 Subject: logrotate: move wtmp/btmp rules to systemd wtmp and btmp are created by systemd, so the rules are more appropriate there. They can be disabled explicitly with something like services.ogrotate.paths = { "/var/log/btmp".enable = false; "/var/log/wtmp".enable = false; }; if required. --- nixos/modules/services/logging/logrotate.nix | 20 -------------------- 1 file changed, 20 deletions(-) (limited to 'nixos/modules/services/logging/logrotate.nix') diff --git a/nixos/modules/services/logging/logrotate.nix b/nixos/modules/services/logging/logrotate.nix index 8cef4e8c083..26d22d90175 100644 --- a/nixos/modules/services/logging/logrotate.nix +++ b/nixos/modules/services/logging/logrotate.nix @@ -4,7 +4,6 @@ with lib; let cfg = config.services.logrotate; - inherit (config.users) groups; pathOpts = { name, ... }: { options = { @@ -163,25 +162,6 @@ in } ) cfg.paths; - services.logrotate = { - paths = { - "/var/log/btmp" = { - frequency = mkDefault "monthly"; - keep = mkDefault 1; - extraConfig = '' - create 0660 root ${groups.utmp.name} - ''; - }; - "/var/log/wtmp" = { - frequency = mkDefault "monthly"; - keep = mkDefault 1; - extraConfig = '' - create 0664 root ${groups.utmp.name} - ''; - }; - }; - }; - systemd.services.logrotate = { description = "Logrotate Service"; wantedBy = [ "multi-user.target" ]; -- cgit 1.4.1 From 61c70dbc97b57188aa4c482cbb79171902e53c6e Mon Sep 17 00:00:00 2001 From: Dominique Martinet Date: Fri, 11 Feb 2022 17:13:38 +0900 Subject: logrotate: default to enable if any rule is active --- nixos/doc/manual/from_md/release-notes/rl-2205.section.xml | 7 +++++++ nixos/doc/manual/release-notes/rl-2205.section.md | 3 +++ nixos/modules/services/logging/logrotate.nix | 5 ++++- 3 files changed, 14 insertions(+), 1 deletion(-) (limited to 'nixos/modules/services/logging/logrotate.nix') diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index 544b1e13898..a96808014d5 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -865,6 +865,13 @@ Plugins are automatically repackaged using autoPatchelf. + + + services.logrotate.enable now defaults to + true if any rotate path has been defined, and some paths have + been added by default. + + The zrepl package has been updated from diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index c748d2dae9e..1b627703989 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -294,6 +294,9 @@ In addition to numerous new and upgraded packages, this release has the followin - `services.mattermost.plugins` has been added to allow the declarative installation of Mattermost plugins. Plugins are automatically repackaged using autoPatchelf. +- `services.logrotate.enable` now defaults to true if any rotate path has + been defined, and some paths have been added by default. + - The `zrepl` package has been updated from 0.4.0 to 0.5: - The RPC protocol version was bumped; all zrepl daemons in a setup must be updated and restarted before replication can resume. diff --git a/nixos/modules/services/logging/logrotate.nix b/nixos/modules/services/logging/logrotate.nix index 26d22d90175..1467e27deba 100644 --- a/nixos/modules/services/logging/logrotate.nix +++ b/nixos/modules/services/logging/logrotate.nix @@ -111,7 +111,10 @@ in options = { services.logrotate = { - enable = mkEnableOption "the logrotate systemd service"; + enable = mkEnableOption "the logrotate systemd service" // { + default = foldr (n: a: a || n.enable) false (attrValues cfg.paths); + defaultText = literalExpression "cfg.paths != {}"; + }; paths = mkOption { type = with types; attrsOf (submodule pathOpts); -- cgit 1.4.1 From c132bfaa19ea08cce7c261ab4f0bda42bfc76b48 Mon Sep 17 00:00:00 2001 From: Dominique Martinet Date: Fri, 11 Feb 2022 17:27:06 +0900 Subject: logrotate: prepend extraConfig instead of postpending it logrotate global options only affect rules following them - as such, services.logrotate.extraConfig being added last makes the option only useful for adding new paths but not for setting global options (e.g. 'dateext' so all logs are rotate with a date suffix). Moving this first solves this problem, and we can then use this instead of default paths config to append missingok/notifempty. --- nixos/modules/services/logging/logrotate.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'nixos/modules/services/logging/logrotate.nix') diff --git a/nixos/modules/services/logging/logrotate.nix b/nixos/modules/services/logging/logrotate.nix index 1467e27deba..77e4fc39598 100644 --- a/nixos/modules/services/logging/logrotate.nix +++ b/nixos/modules/services/logging/logrotate.nix @@ -84,10 +84,6 @@ let }; config.name = name; - config.extraConfig = '' - missingok - notifempty - ''; }; mkConf = pathOpts: '' @@ -101,7 +97,11 @@ let ''; paths = sortProperties (attrValues (filterAttrs (_: pathOpts: pathOpts.enable) cfg.paths)); - configFile = pkgs.writeText "logrotate.conf" (concatStringsSep "\n" ((map mkConf paths) ++ [ cfg.extraConfig ])); + configFile = pkgs.writeText "logrotate.conf" ( + concatStringsSep "\n" ( + [ "missingok" "notifempty" cfg.extraConfig ] ++ (map mkConf paths) + ) + ); in { -- cgit 1.4.1 From 4d12b79cd7edfbe01216171dd6ef0e4c64851b0a Mon Sep 17 00:00:00 2001 From: Dominique Martinet Date: Sat, 26 Feb 2022 16:04:44 +0900 Subject: logrotate: do not enable logrotate.service itself logrotate.timer is enough for rotating logs. Enabling logrotate.service would make the service start on every configuration switch, leading to tests failure when logrotate is enabled. Also update test to make sure the timer is active and runs the service on date change. --- nixos/modules/services/logging/logrotate.nix | 1 - nixos/tests/logrotate.nix | 17 +++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) (limited to 'nixos/modules/services/logging/logrotate.nix') diff --git a/nixos/modules/services/logging/logrotate.nix b/nixos/modules/services/logging/logrotate.nix index 77e4fc39598..082cf92ff4e 100644 --- a/nixos/modules/services/logging/logrotate.nix +++ b/nixos/modules/services/logging/logrotate.nix @@ -167,7 +167,6 @@ in systemd.services.logrotate = { description = "Logrotate Service"; - wantedBy = [ "multi-user.target" ]; startAt = "hourly"; serviceConfig = { diff --git a/nixos/tests/logrotate.nix b/nixos/tests/logrotate.nix index 0f6b59f071d..0dee5d4502d 100644 --- a/nixos/tests/logrotate.nix +++ b/nixos/tests/logrotate.nix @@ -15,19 +15,20 @@ import ./make-test-python.nix ({ pkgs, ...} : rec { with subtest("whether logrotate works"): machine.succeed( # we must rotate once first to create logrotate stamp - "systemctl start --wait logrotate.service", + "systemctl start logrotate.service") + # we need to wait for console text once here to + # clear console buffer up to this point for next wait + machine.wait_for_console_text('logrotate.service: Deactivated successfully') + machine.succeed( # wtmp is present in default config. "rm -f /var/log/wtmp*", "echo test > /var/log/wtmp", - # move into the future and rotate - "date -s 'now + 1 month + 1 day'", - # systemd will run logrotate from logrotate.timer automatically - # on date change, but if we want to wait for it to terminate - # it's easier to run again... - "systemctl start --wait logrotate.service", - + # move into the future and check rotation. + "date -s 'now + 1 month + 1 day'") + machine.wait_for_console_text('logrotate.service: Deactivated successfully') + machine.succeed( # check rotate worked "[ -e /var/log/wtmp.1 ]", ) -- cgit 1.4.1