search

Jigsaw-Code / outline-server

Outline Server, developed by Jigsaw. The Outline Server is a proxy server that runs a Shadowsocks instance and provides a REST API for access key management.
https://getoutline.org/
Apache License 2.0
5.84k stars 790 forks source link

feat(server): enable log rotation and start script #1494

Closed fortuna closed 9 months ago

fortuna commented 9 months ago

This PR makes the Manager use --log-driver local in the docker run, which is a log driver that does log rotation, unlike the default driver that keeps growing on disk and can make the server stop working after some time (details). This is important, because some people may think the server gets blocked after some time.

This PR also creates a run script. That will help providers understand how to run the Outline server with Docker, and allow them to tweak how it is run. They can more easily change the API port, for instance. It's also a lot easier to change a server to the canary image. This is what is output on a standard installation:

# This script starts the Outline server container ("Shadowbox").
# If you need to customize how the server is run, you can edit this script, then restart with:
#
#     "/root/shadowbox/persisted-state/start_container.sh"

set -eu

docker stop "shadowbox" 2> /dev/null || true
docker rm -f "shadowbox" 2> /dev/null || true

docker_command=(
  docker
  run
  -d
  --name "shadowbox" --restart always --net host

  # Used by Watchtower to know which containers to monitor.
  --label 'com.centurylinklabs.watchtower.enable=true'

  # Use log rotation. See https://docs.docker.com/config/containers/logging/configure/.
  --log-driver local

  # The state that is persisted across restarts.
  -v "/root/shadowbox/persisted-state:/root/shadowbox/persisted-state"

  # Where the container keeps its persistent state.
  -e "SB_STATE_DIR=/root/shadowbox/persisted-state"

  # Port number and path prefix used by the server manager API.
  -e "SB_API_PORT=26770"
  -e "SB_API_PREFIX=1W3UislDWAmZLggSTR0nWQ"

  # Location of the API TLS certificate and key.
  -e "SB_CERTIFICATE_FILE=/root/shadowbox/persisted-state/shadowbox-selfsigned.crt"
  -e "SB_PRIVATE_KEY_FILE=/root/shadowbox/persisted-state/shadowbox-selfsigned.key"

  # Where to report metrics to, if opted-in.
  -e "SB_METRICS_URL="

  # The default server name, if not set in the config.
  -e "SB_DEFAULT_SERVER_NAME=Outline Server London"

  # The Outline server image to run.
  "quay.io/outline/shadowbox:stable"
)
"${docker_command[@]}"

In the process I replaced the setting of SB_DEFAULT_SERVER_NAME with setting the server name directly in the config. That's a lot less confusing (history context: the env var existed before the config setting was introduced). (had issues, will figure out later)

sbruens commented 9 months ago

Thanks for the detailed PR description, very helpful. TIL Docker does not do log rotation by default. I should change this in other projects as well.