search

linuxserver / docker-mastodon

GNU General Public License v3.0
78 stars 15 forks source link

[BUG] nginx logs growing without rotation #53

Closed shiruken closed 1 year ago

shiruken commented 1 year ago

Is there an existing issue for this?

Current Behavior

The nginx logs are allowed to grow without rotation or pruning. Running logrotate -vf /etc/logrotate.d/nginx from within the container suggests this might be a permission error:

renaming /config/log/nginx/access.log to /config/log/nginx/access.log.1
error: failed to rename /config/log/nginx/access.log to /config/log/nginx/access.log.1: Permission denied

Expected Behavior

logrotate should automatically rotate the nginx logs weekly

Steps To Reproduce

  1. Run for longer than one week + allow logs to exceed logrotate maxsize (?)
  2. Logs will not get rotated

Environment

- OS: Oracle Linux 8.5
- How docker service was installed: packagemanager

CPU architecture

arm64

Docker creation

services:
  mastodon:
    image: lscr.io/linuxserver/mastodon:latest
    container_name: mastodon
    restart: unless-stopped
    volumes:
      - mastodon:/config
    ports:
      - 127.0.0.1:4443:443
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=UTC
      - LOCAL_DOMAIN=
      - WEB_DOMAIN=
      - REDIS_HOST=redis
      - REDIS_PORT=6379
      - DB_HOST=postgres
      - DB_PORT=5432
      - DB_NAME=mastodon
      - DB_USER=mastodon
      - DB_PASS=
      - ES_ENABLED=false
      - SECRET_KEY_BASE=
      - OTP_SECRET=
      - VAPID_PRIVATE_KEY=
      - VAPID_PUBLIC_KEY=
      - SMTP_SERVER=
      - SMTP_PORT=
      - SMTP_LOGIN=
      - SMTP_PASSWORD=
      - SMTP_FROM_ADDRESS=
      - S3_ENABLED=false
      - SINGLE_USER_MODE=true
      - SIDEKIQ_THREADS=10
      - DB_POOL=10

# ...

Container logs

Hundreds of megabytes...
thespad commented 1 year ago

This appears to be a permissions issue specific to your setup, my local instance is rotating logs as expected

# ls -lan /var/lib/docker/volumes/mastodon-data/_data/log/nginx/
total 5352
drwxr-xr-x 2 1000 1000    4096 Apr 30 02:00 .
drwxr-xr-x 4 1000 1000    4096 May  3 02:00 ..
-rw-r--r-- 1 1000 1000 1137632 May  3 22:36 access.log
-rw-r--r-- 1 1000 1000 2292920 May  1 19:45 access.log.1
-rw-r--r-- 1 1000 1000  146427 Feb 26 01:59 access.log.10.gz
-rw-r--r-- 1 1000 1000  144432 Feb 19 02:26 access.log.11.gz
-rw-r--r-- 1 1000 1000  155989 Feb 12 02:18 access.log.12.gz
-rw-r--r-- 1 1000 1000  141089 Feb  5 01:58 access.log.13.gz
-rw-r--r-- 1 1000 1000  131460 Feb  1 16:02 access.log.14.gz
-rw-r--r-- 1 1000 1000  160693 Apr 24 11:50 access.log.2.gz
-rw-r--r-- 1 1000 1000  155676 Apr 17 12:20 access.log.3.gz
-rw-r--r-- 1 1000 1000  166940 Apr  9 15:39 access.log.4.gz
-rw-r--r-- 1 1000 1000  160699 Apr  3 14:49 access.log.5.gz
-rw-r--r-- 1 1000 1000  144600 Mar 26 12:41 access.log.6.gz
-rw-r--r-- 1 1000 1000  140893 Mar 20 12:07 access.log.7.gz
-rw-r--r-- 1 1000 1000  146497 Mar 13 17:43 access.log.8.gz
-rw-r--r-- 1 1000 1000  145931 Mar  5 01:56 access.log.9.gz
-rw-r--r-- 1 1000 1000       0 Apr 30 02:00 error.log
-rw-r--r-- 1 1000 1000     236 Apr 28 11:40 error.log.1
-rw-r--r-- 1 1000 1000     204 Feb 22 11:36 error.log.10.gz
-rw-r--r-- 1 1000 1000     296 Feb 11 15:41 error.log.11.gz
-rw-r--r-- 1 1000 1000     235 Feb  5 12:24 error.log.12.gz
-rw-r--r-- 1 1000 1000     210 Feb  1 16:02 error.log.13.gz
-rw-r--r-- 1 1000 1000     253 Feb  1 16:02 error.log.14.gz
-rw-r--r-- 1 1000 1000     215 Apr 25 17:35 error.log.2.gz
-rw-r--r-- 1 1000 1000     262 Apr  9 15:47 error.log.3.gz
-rw-r--r-- 1 1000 1000     439 Apr  5 20:29 error.log.4.gz
-rw-r--r-- 1 1000 1000     237 Mar 29 12:11 error.log.5.gz
-rw-r--r-- 1 1000 1000     238 Mar 27 14:03 error.log.6.gz
-rw-r--r-- 1 1000 1000     208 Mar 17 14:36 error.log.7.gz
-rw-r--r-- 1 1000 1000     196 Mar 10 10:59 error.log.8.gz
-rw-r--r-- 1 1000 1000     196 Mar  7 16:12 error.log.9.gz
shiruken commented 1 year ago

Hmm... I thought the /config directory was supposed to have its permissions checked during startup?

Should I just chown -R abc:abc /config ?

thespad commented 1 year ago

We do on first run, but because of the number of files that can accumulate in the Mastodon /config mount with all the cached images and profiles, we don't run a recursive chown every startup as it can take several minutes on slower systems.

chown -R abc:abc /config/log should be sufficient.

shiruken commented 1 year ago

Thanks, that seems to have resolved the issue. Not sure how it got messed up in the first place.