Centralisation des journaux (pas encore Elastic) #40
7 changed files with 54 additions and 0 deletions
|
@ -29,6 +29,24 @@
|
||||||
dest: "/etc/nginx/sites-enabled/default"
|
dest: "/etc/nginx/sites-enabled/default"
|
||||||
state: absent
|
state: absent
|
||||||
|
|
||||||
|
- name: Add 'extended' log format
|
||||||
|
template:
|
||||||
|
src: nginx/conf.d/extended_log.conf.j2
|
||||||
|
dest: /etc/nginx/conf.d/extended_log.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
notify: Reload nginx
|
||||||
|
|
||||||
|
- name: Add syslog snippet
|
||||||
|
template:
|
||||||
|
src: nginx/snippets/syslog.conf.j2
|
||||||
|
dest: /etc/nginx/snippets/syslog.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
notify: Reload nginx
|
||||||
|
|
||||||
- name: Copy reverse proxy sites
|
- name: Copy reverse proxy sites
|
||||||
when: reverseproxy is defined
|
when: reverseproxy is defined
|
||||||
template:
|
template:
|
||||||
|
|
7
roles/nginx/templates/nginx/conf.d/extended_log.conf.j2
Normal file
7
roles/nginx/templates/nginx/conf.d/extended_log.conf.j2
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
log_format extended
|
||||||
|
'$remote_addr - $http_x_forwarded_for - $connection '
|
||||||
|
'$remote_user [$time_local] '
|
||||||
|
'"$host" "$request" $status $body_bytes_sent '
|
||||||
|
'"$http_referer" "$http_user_agent"';
|
|
@ -8,6 +8,8 @@ server {
|
||||||
|
|
||||||
server_name {{ site.from }};
|
server_name {{ site.from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -25,6 +27,8 @@ server {
|
||||||
|
|
||||||
server_name {{ site.from }};
|
server_name {{ site.from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# SSL common conf
|
# SSL common conf
|
||||||
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
||||||
|
|
||||||
|
@ -52,6 +56,8 @@ server {
|
||||||
|
|
||||||
server_name {{ from }};
|
server_name {{ from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -72,6 +78,8 @@ server {
|
||||||
# SSL common conf
|
# SSL common conf
|
||||||
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
|
@ -15,6 +15,8 @@ server {
|
||||||
|
|
||||||
server_name {{ site.from }};
|
server_name {{ site.from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -39,6 +41,8 @@ server {
|
||||||
access_log /var/log/nginx/{{ site.from }}.log;
|
access_log /var/log/nginx/{{ site.from }}.log;
|
||||||
error_log /var/log/nginx/{{ site.from }}_error.log;
|
error_log /var/log/nginx/{{ site.from }}_error.log;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# Keep the TCP connection open a bit for faster browsing
|
# Keep the TCP connection open a bit for faster browsing
|
||||||
keepalive_timeout 70;
|
keepalive_timeout 70;
|
||||||
|
|
||||||
|
|
|
@ -12,6 +12,8 @@ server {
|
||||||
|
|
||||||
server_name {{ from }};
|
server_name {{ from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -29,6 +31,8 @@ server {
|
||||||
|
|
||||||
server_name {{ from }};
|
server_name {{ from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# SSL common conf
|
# SSL common conf
|
||||||
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
||||||
|
|
||||||
|
|
|
@ -19,6 +19,9 @@ upstream {{ upstream.name }} {
|
||||||
server {
|
server {
|
||||||
listen 443 default_server ssl;
|
listen 443 default_server ssl;
|
||||||
listen [::]:443 default_server ssl;
|
listen [::]:443 default_server ssl;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
include "/etc/nginx/snippets/options-ssl.{{ nginx.default_ssl_domain }}.conf";
|
include "/etc/nginx/snippets/options-ssl.{{ nginx.default_ssl_domain }}.conf";
|
||||||
|
|
||||||
server_name _;
|
server_name _;
|
||||||
|
@ -50,6 +53,8 @@ server {
|
||||||
# Hide Nginx version
|
# Hide Nginx version
|
||||||
server_tokens off;
|
server_tokens off;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -71,6 +76,8 @@ server {
|
||||||
server_name {{ server.server_name|join(" ") }};
|
server_name {{ server.server_name|join(" ") }};
|
||||||
charset utf-8;
|
charset utf-8;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# Hide Nginx version
|
# Hide Nginx version
|
||||||
server_tokens off;
|
server_tokens off;
|
||||||
|
|
||||||
|
@ -98,6 +105,8 @@ server {
|
||||||
server_name {{ server.server_name|join(" ") }};
|
server_name {{ server.server_name|join(" ") }};
|
||||||
charset utf-8;
|
charset utf-8;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# Hide Nginx version
|
# Hide Nginx version
|
||||||
server_tokens off;
|
server_tokens off;
|
||||||
|
|
||||||
|
|
4
roles/nginx/templates/nginx/snippets/syslog.conf.j2
Normal file
4
roles/nginx/templates/nginx/snippets/syslog.conf.j2
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
access_log syslog:server=unix:/dev/log,tag=nginx,nohostname,severity=info extended;
|
||||||
|
error_log syslog:server=unix:/dev/log,tag=nginx,nohostname,severity=error;
|
Loading…
Reference in a new issue