refactor: logrotate setup + rspamd log path + tests log helper fallback path (#3576)

* simplify `_setup_logrotate` * adjust Rspamd's log file and improve it's management * add information to docs about Rspamd log * update log query helper to allow another file location * bail in case `LOGROTATE_INTERVAL` is invalid --------- Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2024-01-19 02:48:50 +00:00 · 2023-10-14 17:14:10 +02:00 · 2023-10-14 17:14:10 +02:00 · 894978ddd7
parent 82c38f2426
commit 894978ddd7
5 changed files with 40 additions and 27 deletions
--- a/docs/content/config/security/rspamd.md
+++ b/docs/content/config/security/rspamd.md
@ -69,6 +69,10 @@ DMS does not supply custom values for DNS servers to Rspamd. If you need to use

    This setting is enabled to not allow spam to proceed just because DNS requests did not succeed. It could deny legitimate e-mails to pass though too in case your DNS setup is incorrect or not functioning properly.

+### Logs
+
+You can find the Rspamd logs at `/var/log/mail/rspamd.log`, and the corresponding logs for [Redis](#persistence-with-redis), if it is enabled, at `/var/log/supervisor/rspamd-redis.log`. We recommend inspecting these logs (with `docker exec -it <CONTAINER NAME> cat /var/log/mail/rspamd.log`) in case Rspamd does not work as expected.
+
 ### Modules

 You can find a list of all Rspamd modules [on their website][rspamd-docs-modules].
--- a/target/scripts/startup/setup.d/log.sh
+++ b/target/scripts/startup/setup.d/log.sh
@ -13,31 +13,22 @@ function _setup_logs_general() {
 function _setup_logrotate() {
  _log 'debug' 'Setting up logrotate'

-  LOGROTATE='/var/log/mail/mail.log\n{\n  compress\n  copytruncate\n  delaycompress\n'
+  if [[ ${LOGROTATE_INTERVAL} =~ ^(daily|weekly|monthly)$ ]]; then
+    _log 'trace' "Logrotate interval set to ${LOGROTATE_INTERVAL}"
+  else
+    _dms_panic__invalid_value 'LOGROTATE_INTERVAL' 'Setup -> Logrotate'
+  fi

-  case "${LOGROTATE_INTERVAL}" in
-    ( 'daily' )
-      _log 'trace' 'Setting postfix logrotate interval to daily'
-      LOGROTATE="${LOGROTATE}  rotate 4\n  daily\n"
-      ;;
-
-    ( 'weekly' )
-      _log 'trace' 'Setting postfix logrotate interval to weekly'
-      LOGROTATE="${LOGROTATE}  rotate 4\n  weekly\n"
-      ;;
-
-    ( 'monthly' )
-      _log 'trace' 'Setting postfix logrotate interval to monthly'
-      LOGROTATE="${LOGROTATE}  rotate 4\n  monthly\n"
-      ;;
-
-    ( * )
-      _log 'warn' 'LOGROTATE_INTERVAL not found in _setup_logrotate'
-      ;;
-
-  esac
-
-  echo -e "${LOGROTATE}}" >/etc/logrotate.d/maillog
+  cat >/etc/logrotate.d/maillog << EOF
+/var/log/mail/mail.log
+{
+  compress
+  copytruncate
+  delaycompress
+  rotate 4
+  ${LOGROTATE_INTERVAL}
+}
+EOF
 }

 function _setup_mail_summary() {
--- a/target/scripts/startup/setup.d/security/rspamd.sh
+++ b/target/scripts/startup/setup.d/security/rspamd.sh
@ -7,6 +7,7 @@ function _setup_rspamd() {
    __rspamd__log 'trace' '----------  Setup started  ----------'

    __rspamd__run_early_setup_and_checks      # must run first
+    __rspamd__setup_logfile
    __rspamd__setup_redis
    __rspamd__setup_postfix
    __rspamd__setup_clamav
@ -101,6 +102,20 @@ function __rspamd__run_early_setup_and_checks() {
  fi
 }

+# Keep in sync with `target/scripts/startup/setup.d/log.sh:_setup_logrotate()`
+function __rspamd__setup_logfile() {
+  cat >/etc/logrotate.d/rspamd << EOF
+/var/log/mail/rspamd.log
+{
+  compress
+  copytruncate
+  delaycompress
+  rotate 4
+  ${LOGROTATE_INTERVAL}
+}
+EOF
+}
+
 # Sets up Redis. In case the user does not use a dedicated Redis instance, we
 # supply a configuration for our local Redis instance which is started later.
 function __rspamd__setup_redis() {
--- a/target/supervisor/conf.d/supervisor-app.conf
+++ b/target/supervisor/conf.d/supervisor-app.conf
@ -101,8 +101,8 @@ startsecs=0
 stopwaitsecs=55
 autostart=false
 autorestart=true
-stdout_logfile=/var/log/supervisor/%(program_name)s.log
-stderr_logfile=/var/log/supervisor/%(program_name)s.log
+stdout_logfile=/var/log/mail/%(program_name)s.log
+stderr_logfile=/var/log/mail/%(program_name)s.log
 command=/usr/bin/rspamd --no-fork --user=_rspamd --group=_rspamd

 [program:rspamd-redis]
--- a/test/helper/common.bash
+++ b/test/helper/common.bash
@ -429,8 +429,11 @@ function _filter_service_log() {
  local SERVICE=${1:?Service name must be provided}
  local STRING=${2:?String to match must be provided}
  local CONTAINER_NAME=$(__handle_container_name "${3:-}")
+  local FILE="/var/log/supervisor/${SERVICE}.log"

-  _run_in_container grep -E "${STRING}" "/var/log/supervisor/${SERVICE}.log"
+  # Fallback to alternative log location:
+  [[ -f ${FILE} ]] || FILE="/var/log/mail/${SERVICE}.log"
+  _run_in_container grep -E "${STRING}" "${FILE}"
 }

 # Like `_filter_service_log` but asserts that the string was found.