mirror of
https://github.com/RWejlgaard/pez-infra.git
synced 2026-07-04 15:46:16 +00:00
Ansible-manage docker-log-cleanup script and cron (PESO-142) (#128)
docker-log-cleanup.sh lived in the repo but nothing deployed it — the script and monthly cron on nuremberg-a were set up by hand and got wiped when the host was reinstalled. Fold both into the docker role so every docker_hosts member gets the script in /usr/local/bin and a monthly cron, and it survives a rebuild.
This commit is contained in:
parent
3945b8cafc
commit
9d56a22c30
3 changed files with 29 additions and 4 deletions
|
|
@ -56,7 +56,7 @@ Run a single stage: `ansible-playbook deploy.yml --tags docker`
|
||||||
|------|-------------|
|
|------|-------------|
|
||||||
| `common` | Base packages, SSH hardening, fish shell, exporters, Alloy |
|
| `common` | Base packages, SSH hardening, fish shell, exporters, Alloy |
|
||||||
| `dotfiles` | Shell config from `dotfiles/` |
|
| `dotfiles` | Shell config from `dotfiles/` |
|
||||||
| `docker` | Docker engine install and setup |
|
| `docker` | Docker engine install and setup + monthly log-cleanup cron |
|
||||||
| `docker_services` | Deploy compose files from `services/` |
|
| `docker_services` | Deploy compose files from `services/` |
|
||||||
| `caddy` | Caddy reverse proxy (helsinki-a) |
|
| `caddy` | Caddy reverse proxy (helsinki-a) |
|
||||||
| `status_page` | status.pez.sh generator script + cron |
|
| `status_page` | status.pez.sh generator script + cron |
|
||||||
|
|
|
||||||
|
|
@ -96,3 +96,23 @@
|
||||||
state: directory
|
state: directory
|
||||||
mode: '0755'
|
mode: '0755'
|
||||||
loop: "{{ docker_services | default([]) }}"
|
loop: "{{ docker_services | default([]) }}"
|
||||||
|
|
||||||
|
# ── Log maintenance ───────────────────────────────────────────────────────────
|
||||||
|
# Truncate oversized container *-json.log files (PESO-142). Mostly a no-op now
|
||||||
|
# that logs ship via the Loki driver, but kept as a safety net and managed in
|
||||||
|
# IaC so it survives a host rebuild.
|
||||||
|
|
||||||
|
- name: Deploy docker-log-cleanup script
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: "{{ playbook_dir }}/scripts/docker-log-cleanup.sh"
|
||||||
|
dest: /usr/local/bin/docker-log-cleanup.sh
|
||||||
|
mode: '0755'
|
||||||
|
|
||||||
|
- name: Schedule monthly docker log cleanup
|
||||||
|
ansible.builtin.cron:
|
||||||
|
name: "Docker log cleanup"
|
||||||
|
minute: "0"
|
||||||
|
hour: "3"
|
||||||
|
day: "1"
|
||||||
|
job: "/usr/local/bin/docker-log-cleanup.sh"
|
||||||
|
user: root
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,12 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Truncate large Docker container log files
|
# Truncate large Docker container log files.
|
||||||
# Deployed on: nuremberg-a
|
#
|
||||||
# Cron: 0 3 1 * * /usr/local/bin/docker-log-cleanup.sh
|
# Managed by Ansible (docker role) — deployed to /usr/local/bin/ on all
|
||||||
|
# docker_hosts and run monthly via cron. Do not edit on the host.
|
||||||
|
#
|
||||||
|
# Safety net for containers using the json-file log driver; most containers
|
||||||
|
# ship logs via the Loki driver and never write *-json.log, so on a healthy
|
||||||
|
# host this is usually a no-op.
|
||||||
|
|
||||||
LOG_DIR=/var/lib/docker/containers
|
LOG_DIR=/var/lib/docker/containers
|
||||||
MAX_SIZE_MB=100
|
MAX_SIZE_MB=100
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue