Log docker containers to syslog

ansible/roles/common/tasks/main.yaml

@@ -13,7 +13,7 @@
   lineinfile:
     path: /etc/hosts
     regexp: "^127.0.0.1"
-    line: "127.0.0.1	{{ hostname }} localhost {{ domain }}"
+    line: "127.0.0.1	{{ hostname }} localhost {{ domain_name }}"
 
 - name: Set timezone
   file:

ansible/roles/docker/handlers/main.yml

@@ -0,0 +1,6 @@
+---
+
+- name: reboot
+  reboot:
+    reboot_timeout: 3600
+

ansible/roles/docker/tasks/main.yaml

@@ -0,0 +1,52 @@
+---
+
+- name: install docker
+  apt:
+    force_apt_get: yes
+    name:
+      - docker.io
+      - docker-compose-v2
+      - rsyslog
+
+- name: configure rsyslog to listen for UDP
+  lineinfile:
+    path: /etc/rsyslog.conf
+    regex: "{{ item.regex }}"
+    line: "{{ item.line }}"
+  with_items:
+    - regex: 'load="imudp"'
+      line: 'module(load="imudp")'
+    - regex: 'type="imudp"'
+      line: 'input(type="imudp" port="514")'
+  register: rsyslogconf
+
+- name: rsyslog conf for docker logs
+  copy:
+    dest: /etc/rsyslog.d/10-docker.conf
+    content: |
+      $template DockerLogs, "/var/log/docker_%syslogtag:R,ERE,1,ZERO:.*docker/([^\[]+)--end%.log"
+      if $programname startswith 'docker/' then -?DockerLogs
+      & stop
+  register: dockerlogs
+
+- name: restart rsyslog
+  service:
+    name: rsyslog
+    state: restarted
+  when: rsyslogconf.changed or dockerlogs.changed
+
+- name: Configure docker daemon
+  copy:
+    dest: /etc/docker/daemon.json
+    content: |
+      {
+        "log-driver": "syslog",
+        "log-opts": {
+          "syslog-address": "udp://127.0.0.1:514",
+          "syslog-facility": "daemon",
+          "tag": "{{ '{{' }}.DaemonName{{ '}}' }}/{{ '{{' }}.Name{{ '}}' }}"
+        }
+      }
+  notify: reboot
+# yep we reboot for this
+

ansible/site.yaml

@@ -8,6 +8,7 @@
 - name: mastodon instance
   hosts: social
   roles:
+    - { role: docker, become: yes }
     - { role: certbot, become: yes }
     - { role: nginx, become: yes }
     - { role: mastodon, become: yes }