From 1821806b91622cb06aa340d64def7e3c05005dda Mon Sep 17 00:00:00 2001 From: Erik Stambaugh Date: Sun, 28 Jan 2024 18:50:49 -0800 Subject: [PATCH] Log docker containers to syslog --- ansible/roles/common/tasks/main.yaml | 2 +- ansible/roles/docker/handlers/main.yml | 6 +++ ansible/roles/docker/tasks/main.yaml | 52 ++++++++++++++++++++++++++ ansible/site.yaml | 1 + 4 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 ansible/roles/docker/handlers/main.yml create mode 100644 ansible/roles/docker/tasks/main.yaml diff --git a/ansible/roles/common/tasks/main.yaml b/ansible/roles/common/tasks/main.yaml index 5e9bec6..7f5a1e3 100644 --- a/ansible/roles/common/tasks/main.yaml +++ b/ansible/roles/common/tasks/main.yaml @@ -13,7 +13,7 @@ lineinfile: path: /etc/hosts regexp: "^127.0.0.1" - line: "127.0.0.1 {{ hostname }} localhost {{ domain }}" + line: "127.0.0.1 {{ hostname }} localhost {{ domain_name }}" - name: Set timezone file: diff --git a/ansible/roles/docker/handlers/main.yml b/ansible/roles/docker/handlers/main.yml new file mode 100644 index 0000000..57b6b31 --- /dev/null +++ b/ansible/roles/docker/handlers/main.yml @@ -0,0 +1,6 @@ +--- + +- name: reboot + reboot: + reboot_timeout: 3600 + diff --git a/ansible/roles/docker/tasks/main.yaml b/ansible/roles/docker/tasks/main.yaml new file mode 100644 index 0000000..e75cff3 --- /dev/null +++ b/ansible/roles/docker/tasks/main.yaml @@ -0,0 +1,52 @@ +--- + +- name: install docker + apt: + force_apt_get: yes + name: + - docker.io + - docker-compose-v2 + - rsyslog + +- name: configure rsyslog to listen for UDP + lineinfile: + path: /etc/rsyslog.conf + regex: "{{ item.regex }}" + line: "{{ item.line }}" + with_items: + - regex: 'load="imudp"' + line: 'module(load="imudp")' + - regex: 'type="imudp"' + line: 'input(type="imudp" port="514")' + register: rsyslogconf + +- name: rsyslog conf for docker logs + copy: + dest: /etc/rsyslog.d/10-docker.conf + content: | + $template DockerLogs, "/var/log/docker_%syslogtag:R,ERE,1,ZERO:.*docker/([^\[]+)--end%.log" + if $programname startswith 'docker/' then -?DockerLogs + & stop + register: dockerlogs + +- name: restart rsyslog + service: + name: rsyslog + state: restarted + when: rsyslogconf.changed or dockerlogs.changed + +- name: Configure docker daemon + copy: + dest: /etc/docker/daemon.json + content: | + { + "log-driver": "syslog", + "log-opts": { + "syslog-address": "udp://127.0.0.1:514", + "syslog-facility": "daemon", + "tag": "{{ '{{' }}.DaemonName{{ '}}' }}/{{ '{{' }}.Name{{ '}}' }}" + } + } + notify: reboot +# yep we reboot for this + diff --git a/ansible/site.yaml b/ansible/site.yaml index daf51c4..a9c3aa8 100644 --- a/ansible/site.yaml +++ b/ansible/site.yaml @@ -8,6 +8,7 @@ - name: mastodon instance hosts: social roles: + - { role: docker, become: yes } - { role: certbot, become: yes } - { role: nginx, become: yes } - { role: mastodon, become: yes }