diff options
| author | David Runge <dave@sleepmap.de> | 2020-09-12 18:18:00 +0200 |
|---|---|---|
| committer | David Runge <dave@sleepmap.de> | 2020-09-12 18:18:00 +0200 |
| commit | 549bf806e1e4b12a14a463db87438608f7025eb9 (patch) | |
| tree | 3adc825bebe46c683e550badd73800341e626a80 | |
| parent | 0d104b87b8afdbf81dd5372f9ae36b9b4076a920 (diff) | |
| download | dotfiles-549bf806e1e4b12a14a463db87438608f7025eb9.tar.gz dotfiles-549bf806e1e4b12a14a463db87438608f7025eb9.tar.bz2 dotfiles-549bf806e1e4b12a14a463db87438608f7025eb9.tar.xz dotfiles-549bf806e1e4b12a14a463db87438608f7025eb9.zip | |
Add basic logrotate integration
.config/logrotate.conf:
Add configuration to rotate sway and a2jmidid logs.
.config/systemd/user/logrotate.{service,timer}:
Add service and timer based on the system versions provided by
logrotate.
| -rw-r--r-- | .config/logrotate.conf | 31 | ||||
| -rw-r--r-- | .config/systemd/user/logrotate.service | 28 | ||||
| -rw-r--r-- | .config/systemd/user/logrotate.timer | 11 |
3 files changed, 70 insertions, 0 deletions
diff --git a/.config/logrotate.conf b/.config/logrotate.conf new file mode 100644 index 0000000..2d891e3 --- /dev/null +++ b/.config/logrotate.conf @@ -0,0 +1,31 @@ + +# see "man logrotate" for details +# rotate log files weekly +weekly + +# keep 4 weeks worth of backlogs +rotate 4 + +# restrict maximum size of log files +#size 20M + +# create new (empty) log files after rotating old ones +create + +# uncomment this if you want your log files compressed +#compress + +# Logs are moved into directory for rotation +# olddir /var/log/archive +# include ~/.config/logrotate.d + +~/.log/a2j/a2j.log { + notifempty + copytruncate + missingok +} +~/.log/sway.log { + notifempty + copytruncate + missingok +} diff --git a/.config/systemd/user/logrotate.service b/.config/systemd/user/logrotate.service new file mode 100644 index 0000000..f517394 --- /dev/null +++ b/.config/systemd/user/logrotate.service @@ -0,0 +1,28 @@ +[Unit] +Description=Rotate log files +Documentation=man:logrotate(8) man:logrotate.conf(5) +ConditionACPower=true + +[Service] +Type=oneshot +ExecStart=/usr/bin/logrotate %h/.config/logrotate.conf -s %S/logrotate.status -v +Nice=19 +IOSchedulingClass=best-effort +IOSchedulingPriority=7 + +# hardening options +# details: https://www.freedesktop.org/software/systemd/man/systemd.exec.html +# no ProtectHome for userdir logs +# no PrivateNetwork for mail deliviery +# no NoNewPrivileges for third party rotate scripts +# LockPersonality=true +# MemoryDenyWriteExecute=true +# PrivateDevices=true +# PrivateTmp=true +# ProtectControlGroups=true +# ProtectKernelLogs=true +# ProtectKernelModules=true +# ProtectKernelTunables=true +# ProtectSystem=full +# RestrictNamespaces=true +# RestrictRealtime=true diff --git a/.config/systemd/user/logrotate.timer b/.config/systemd/user/logrotate.timer new file mode 100644 index 0000000..ea37931 --- /dev/null +++ b/.config/systemd/user/logrotate.timer @@ -0,0 +1,11 @@ +[Unit] +Description=Daily rotation of log files +Documentation=man:logrotate(8) man:logrotate.conf(5) + +[Timer] +OnCalendar=daily +AccuracySec=1h +Persistent=true + +[Install] +WantedBy=timers.target |