Centralisation des journaux (pas encore Elastic) #40
7 changed files with 54 additions and 0 deletions
|
@ -29,6 +29,24 @@
|
|||
dest: "/etc/nginx/sites-enabled/default"
|
||||
state: absent
|
||||
|
||||
- name: Add 'extended' log format
|
||||
template:
|
||||
src: nginx/conf.d/extended_log.conf.j2
|
||||
dest: /etc/nginx/conf.d/extended_log.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: Reload nginx
|
||||
|
||||
- name: Add syslog snippet
|
||||
template:
|
||||
src: nginx/snippets/syslog.conf.j2
|
||||
dest: /etc/nginx/snippets/syslog.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: Reload nginx
|
||||
|
||||
- name: Copy reverse proxy sites
|
||||
when: reverseproxy is defined
|
||||
template:
|
||||
|
|
7
roles/nginx/templates/nginx/conf.d/extended_log.conf.j2
Normal file
7
roles/nginx/templates/nginx/conf.d/extended_log.conf.j2
Normal file
|
@ -0,0 +1,7 @@
|
|||
{{ ansible_managed | comment }}
|
||||
|
||||
log_format extended
|
||||
'$remote_addr - $http_x_forwarded_for - $connection '
|
||||
'$remote_user [$time_local] '
|
||||
'"$host" "$request" $status $body_bytes_sent '
|
||||
'"$http_referer" "$http_user_agent"';
|
|
@ -8,6 +8,8 @@ server {
|
|||
|
||||
server_name {{ site.from }};
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
{% for realip in nginx.real_ip_from %}
|
||||
set_real_ip_from {{ realip }};
|
||||
{% endfor %}
|
||||
|
@ -25,6 +27,8 @@ server {
|
|||
|
||||
server_name {{ site.from }};
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
# SSL common conf
|
||||
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
||||
|
||||
|
@ -52,6 +56,8 @@ server {
|
|||
|
||||
server_name {{ from }};
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
{% for realip in nginx.real_ip_from %}
|
||||
set_real_ip_from {{ realip }};
|
||||
{% endfor %}
|
||||
|
@ -72,6 +78,8 @@ server {
|
|||
# SSL common conf
|
||||
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
{% for realip in nginx.real_ip_from %}
|
||||
set_real_ip_from {{ realip }};
|
||||
{% endfor %}
|
||||
|
|
|
@ -15,6 +15,8 @@ server {
|
|||
|
||||
server_name {{ site.from }};
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
{% for realip in nginx.real_ip_from %}
|
||||
set_real_ip_from {{ realip }};
|
||||
{% endfor %}
|
||||
|
@ -39,6 +41,8 @@ server {
|
|||
access_log /var/log/nginx/{{ site.from }}.log;
|
||||
error_log /var/log/nginx/{{ site.from }}_error.log;
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
# Keep the TCP connection open a bit for faster browsing
|
||||
keepalive_timeout 70;
|
||||
|
||||
|
|
|
@ -12,6 +12,8 @@ server {
|
|||
|
||||
server_name {{ from }};
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
{% for realip in nginx.real_ip_from %}
|
||||
set_real_ip_from {{ realip }};
|
||||
{% endfor %}
|
||||
|
@ -29,6 +31,8 @@ server {
|
|||
|
||||
server_name {{ from }};
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
# SSL common conf
|
||||
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
||||
|
||||
|
|
|
@ -19,6 +19,9 @@ upstream {{ upstream.name }} {
|
|||
server {
|
||||
listen 443 default_server ssl;
|
||||
listen [::]:443 default_server ssl;
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
include "/etc/nginx/snippets/options-ssl.{{ nginx.default_ssl_domain }}.conf";
|
||||
|
||||
server_name _;
|
||||
|
@ -50,6 +53,8 @@ server {
|
|||
# Hide Nginx version
|
||||
server_tokens off;
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
{% for realip in nginx.real_ip_from %}
|
||||
set_real_ip_from {{ realip }};
|
||||
{% endfor %}
|
||||
|
@ -71,6 +76,8 @@ server {
|
|||
server_name {{ server.server_name|join(" ") }};
|
||||
charset utf-8;
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
# Hide Nginx version
|
||||
server_tokens off;
|
||||
|
||||
|
@ -98,6 +105,8 @@ server {
|
|||
server_name {{ server.server_name|join(" ") }};
|
||||
charset utf-8;
|
||||
|
||||
include "/etc/nginx/snippets/syslog.conf";
|
||||
|
||||
# Hide Nginx version
|
||||
server_tokens off;
|
||||
|
||||
|
|
4
roles/nginx/templates/nginx/snippets/syslog.conf.j2
Normal file
4
roles/nginx/templates/nginx/snippets/syslog.conf.j2
Normal file
|
@ -0,0 +1,4 @@
|
|||
{{ ansible_managed | comment }}
|
||||
|
||||
access_log syslog:server=unix:/dev/log,tag=nginx,nohostname,severity=info extended;
|
||||
error_log syslog:server=unix:/dev/log,tag=nginx,nohostname,severity=error;
|
Loading…
Reference in a new issue