Accumulative changes.
This commit is contained in:
parent
fbdd033d4b
commit
8074910452
|
@ -23,6 +23,6 @@ node.reverse_merge!({
|
||||||
'ipaddr' => ipaddr,
|
'ipaddr' => ipaddr,
|
||||||
'dns' => dns,
|
'dns' => dns,
|
||||||
'encrypt' => 's2T3XUTb9MjHYOw8I820O5YkN2G6eJrjLjJRTnEAKoM=',
|
'encrypt' => 's2T3XUTb9MjHYOw8I820O5YkN2G6eJrjLjJRTnEAKoM=',
|
||||||
'token' => 'acb7096c-dcda-775a-b52c-b47c96b38d0e'
|
'token' => '63de6edb-0cb0-de95-d5f1-7facf616c26d'
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
|
@ -24,7 +24,7 @@ execute 'mount -a' do
|
||||||
action :nothing
|
action :nothing
|
||||||
end
|
end
|
||||||
|
|
||||||
remote_file '/etc/cron.d/everun' do
|
remote_file '/etc/cron.d/everun-blog' do
|
||||||
owner 'root'
|
owner 'root'
|
||||||
group 'root'
|
group 'root'
|
||||||
mode '644'
|
mode '644'
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
# -------------------------------------------
|
# -------------------------------------------
|
||||||
node.reverse_merge!({
|
node.reverse_merge!({
|
||||||
'nginx' => {
|
'nginx' => {
|
||||||
'version' => '1.23.2',
|
'version' => '1.25.0',
|
||||||
'skip_lego' => 'true',
|
'skip_lego' => 'true',
|
||||||
'skip_webadm' => 'true'
|
'skip_webadm' => 'true'
|
||||||
}
|
}
|
||||||
|
|
|
@ -78,7 +78,7 @@ directory MODULEDIR do
|
||||||
end
|
end
|
||||||
|
|
||||||
# Build starts here:
|
# Build starts here:
|
||||||
execute "#{NGINXBUILD} -d working -v #{version} -c configure.sh -zlib -pcre -openssl" do
|
execute "#{NGINXBUILD} -d working -v #{version} -c configure.sh -zlib -pcre -libressl -libresslversion 3.8.0" do
|
||||||
cwd WORKDIR
|
cwd WORKDIR
|
||||||
user USER
|
user USER
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
md5:e2c4b92cac6937e5c2e14bcb166748cf:salt:35-2-158-147-217-138-24-188:aes-256-cfb:m5WUGUv4kMl3U4EpsDCZbTmqfDQEp3CGzBk84671Dhxt0rRtETnCY2ECGD7W
|
||||||
|
+O9MMKk0jCDCUxz7EZoggsHQL40dwvcCKs5qgcFFmZYOMygfxBVJ+cqBZ//0
|
||||||
|
Zdav0tp1Qc3ejX2x3kmZBgAn4WCRVCmIZYtPYj0w4nrAohXSITJOo6MKNfsB
|
||||||
|
ASvoywRNHTYJAxT/UrYrJudR3Yq2a0gIcVgGZAYBKOUb2syMTixo245x128p
|
||||||
|
pX2QtcHjE87g9uGeUVWLkIM9m5uvBGULgdKknO03PXF0jWHxQvv/RRN+aG0H
|
||||||
|
To70zhqrlJWibKlO9PgPyVhoQSgxBG9i2f18hw2Kcnr0xSYvfC3yfkvem5C2
|
||||||
|
Zgpj+xRIfbB6tw7k/ePdguBJ5e94Y5nDtavMr58Wxgtnleyc3/k/iRgK1wpD
|
||||||
|
BUrf83ZWMt3QPwDL4J5npo+4YDCObrsvO3BD14XMUHpSpCvVdKCnMnngQdRt
|
||||||
|
7TERfhMMRCPcHbUD9gFh6HcsT+GzU6a9iwyJ03nYweWB/nXGGfwnTfrklwfJ
|
||||||
|
CuTSFnA=
|
|
@ -0,0 +1,10 @@
|
||||||
|
md5:3429dd1d1b7fae6ff356c639afaeaa7c:salt:114-48-239-183-69-3-57-50:aes-256-cfb:/mKhySMGT7hiRIYO45LOqBxEmwI6wCQKvrwdK+sOJq5p5xbn7wDiYwUWnhGT
|
||||||
|
feCcW0iiVS0Qq5Wpnf01KTBaQWPditaR/CBYxCToV0EZ+7lA6HUTaX7qELGP
|
||||||
|
nPTkPn6CmTgW7I/kI9XfkeeSbT0Ti+2xo3XSpce1kftGp67aBcxM6XLSCKiS
|
||||||
|
IUMFoQIBHbUlJxJ5y6vj3uA/2v/r99y/dHymoKS695abnFPfq6rDqnJC7PKe
|
||||||
|
wEeLoObLSauqgnTF4CZUgZxaSSVUCNRjkV3WTHiu3UIEsHjiwJFBqJfWzVr9
|
||||||
|
dvgzZAFt5YUwwGHEhZjtO66/Tp8Po4SZzRRDbftCBSS8nIZQ66qYwmKHGK98
|
||||||
|
eYOFtpbQYnVMJKWd+orSDse61CcaT2tPgTZ4fjln/a4Ru4V5Kr4/HRyRmn6J
|
||||||
|
bIzBVuBVuh8T0oh36GSefSjfL7KyProS4waFlX53qwrMPHBmP873cJ2ZO1GN
|
||||||
|
HYk2QEUPP1BWEWiv9kfNu6mZPKVHIL7CEkvOAxlDWaKjgll5eNbbfzDw1hh3
|
||||||
|
Hn3RPGs=
|
|
@ -1,15 +0,0 @@
|
||||||
md5:c79b07af6291083d791d1902a2637509:salt:199-29-148-147-93-118-94-214:aes-256-cfb:+1A39ytpBJ0l9yD+eCP5DmHnSILgFr9JLu0o+JoVbBEY2JoJiv6e0M23etSN
|
|
||||||
OHHH/AlnnrSarWA7UzO3aXZP8aNsi5N6VWXwGLw4XtqnwjWryUebGjIDwGrU
|
|
||||||
ioN1q0lVfw+Yqo5k27eVrVJNrL/Ki/Uu5NPqdGZScFcBq4FYjDUfFAuJqKCB
|
|
||||||
LAf24VqY3d9DhxibsVlM4kkEczOzjX0opRLPAyef50pSlu53SCnM/93v8ekN
|
|
||||||
03JUPGove1klD+gwYBWEx6PLJp/ECnPeRhIqRayEDTpGQ7kVoK7zruJGTPhj
|
|
||||||
Esk9yd6wabSHVv7TrsyFQxqzVn93zd/KnivKtCs1qf7kvg24zpvAygjn5RhW
|
|
||||||
MyXxIPDw7TE64xzwzhmu2/mVRZrUxsY2entJ9OJFqi9a7n54Io6iLKN70b3R
|
|
||||||
ecg2qXX8arlSKqb4QzqegRr1/w3t67EsuyTArU6Juj48gHKGiwbp9pdMTLdZ
|
|
||||||
L7lLUn8pbFNldWFCT4UjYtXPPpdNbm9Fp4RQXTYZdY8cYYGHzffLwCk7GlGX
|
|
||||||
uTpXtmGnfyQtZm+c7X2MP/dWCyyexBQXj+S5YSdE47XVYMnCKrVJjej6Q2je
|
|
||||||
qTd+Axrzn9K4p7Q9fOwOKLMUXOgfMMmHbfw2xmcpt+oWIWm+JyiGngylOu0b
|
|
||||||
zxWrff+iUIL0EedLSes0Opc4/gFKqa97r5qv5qwDKR7jgjeULDe6Rzn/Xv+M
|
|
||||||
lVGm3YGZnnNGG7Nf/qIn2SEyEi89DbPTLfOeeFx1ThVMVTjU7sLivyIrmz5e
|
|
||||||
8T0Cq/i9K2A8iijhyOugDWikNCRjQK8ZzL6WAtzL7nWLYp5jCTD9PFMfDgFo
|
|
||||||
7t4zAqat4iT1HtZdt7hiUO5MbA==
|
|
|
@ -1,8 +1,8 @@
|
||||||
md5:e7887186aea3bbd3d6b4951de375c79d:salt:136-75-189-47-2-186-228-12:aes-256-cfb:7pH09CBmCgVKJDl2WTrPt25WbDmnb6nxroKOpF/0/f1o98IelqLWvsFwSXzI
|
md5:c97addd9484611e9038f4d21490f95ef:salt:46-243-167-154-98-197-19-76:aes-256-cfb:MulsiIrRht0HvexrIXKc6q6pW9B4LnSaNB3FQyOghiAmaQKafmjvaPycv3nl
|
||||||
1e56t8SGpgDt9X+a13QDO5JaSyBAINMbzZMDXMqDuN49BMbo1nbEvWOG0DTC
|
O/2FKcYHZ9g4sRysBo9t/Yttd7Q+ytGKz5MWG0w7vddvVsijaBjcqltS5Zvh
|
||||||
7zrsNK/l3qIMo8ArpvnF36QZseXibP1rrRb1IslwmlfuvZz5Vg39IAcQH/Ny
|
r6gTozBur13iBqsk7AYlU/wjyH62Zdgmo0rJBHp70Zqx4Bk81bDrqHbypzcK
|
||||||
3bSdxcE3ssbr9XuaG3HmPpTHmywn5Pc5lCSbKMW1mnCEMlPOiL4pJdHQzy24
|
XcM1Qg1jU1Y0bJgUyCLkpTYOjtNBug0sRYQ/Slv0/UbzgEA5WtTO7sRAEPuj
|
||||||
YAlrt7A+TNIBk056J4DrfnRYaB2FhrXtN8BFjAzkH5RJvRBRVbCHnZM30bxG
|
Y0qvUJVDz+0zYRinOwCOA+IGARqB5GsDtQ4YgGR9kKSmoUPPRSjIg7xSKB0S
|
||||||
hJgzmPK2MBflKTM1tSQ6ZwUnZie84AETk0hZZBTjHSWHvI21zStTe974R/cC
|
rn1CUSjKEbmPIHeOMWSg7CXmOzzVPMTNqM6MLjGHmOyWGSDPvwRiPI5AacNu
|
||||||
0KMPAWSprEt0Vpa81GBhwrC7UVCyEeE0DhaFiM5vCgvqSuMDFzESGGTztJzW
|
AmOsFNY2EiWUJolrz5RpZZXjkGFmcwnxn+7ZtoWO7nD8JhaCrPpxC6C/rnav
|
||||||
baxx8T8CfNAcvpkcRyfQYk7S
|
ZGg=
|
|
@ -1,8 +1,8 @@
|
||||||
md5:96eae5dbfe873212499d1cda58215bc0:salt:45-243-88-46-67-155-255-124:aes-256-cfb:q3OckWaetMF6FqeKkB2j34jtTSs4xOtwz0ZBG0hP3NjCUxK13XH55/IIjTI3
|
md5:032af53422a767d4edf60d5d2f8ec84e:salt:231-40-60-67-6-253-79-25:aes-256-cfb:PiAZ+U6IHA4GvL3gDsLzeV48MvnaAaEbAqWqYLq4TrsrbRj8J2QT6ANUjZoC
|
||||||
HDrqT+2FWXPxUOBEk0JNqJ1jJKIRLR7Td0yfa908RH2fRHsyXNs9So4fx3cM
|
IxHgZ8yn/jNmpGrqj1ZPvF3V2qGG9RomI5txRf3oEWaiM1EGoHrcgj5GSEeF
|
||||||
SDkTQO6olnKBr9hGm/ua1ohvRFfoUSMu1eNfe+X0FkZZxES0CJBBb43vitDq
|
7izz9sPV+DGA/aY0VTZOSIIdogZ7yY8KGRJ5w30KTmJtvZ6zzYUFzBtzqLup
|
||||||
dsL1lgP1Co0HjvrGu3VKRPSDbUYhfI7raq4jZAy5Q9IJrMLrLdKjlJYjg5St
|
Ax3I5OzDJUuIOWr0wcE+SPAuBq4VWzfY2gTUUeepy+VMDilN2dltRAlPL+6R
|
||||||
1Cso0QR938DG3UM0uLXrj9YZ5BdNCqUFvu/gJPjA+VfL4giAYy5cmslEuvV7
|
t8wy4JjIuQ8y/fYVYkSVACWgL9cXWWQWgyk8yr+KJFV3ejL0UxwCGtpy54cj
|
||||||
EKkFuTmOOBY4fXSZIDfQinl966QgnCQgmYiPNctyVMtJPF7GA0K/FPMx/CHH
|
kVtt1b3i/VhntaSFKMzY6BtRKrSbtd1nvuMT8gSrY9Kq6MFUNorjlAkAznkK
|
||||||
KZUuXkKo04jeSWuQ9ZQC81xEifZb1CXlh0p9AIn2i9aSMrRBMHGmzfEb4FKH
|
R4Jw6aWF8aMor3JhCp0aqc109K9pvmvkCRvCkYKH/Fs9DLGD1AsEDPFrdndi
|
||||||
8d4onnK27xWC
|
AWs=
|
|
@ -96,16 +96,27 @@ http {
|
||||||
# Logging Settings
|
# Logging Settings
|
||||||
##
|
##
|
||||||
|
|
||||||
log_format ltsv "time:$time_local\thost:$remote_addr"
|
log_format json escape=json
|
||||||
"\tforwardedfor:$http_x_forwarded_for\t"
|
'{'
|
||||||
"method:$request_method\tpath:$request_uri\tprotocol:$server_protocol"
|
'"time":"$time_local",'
|
||||||
"\tstatus:$status\tsize:$body_bytes_sent\treferer:$http_referer"
|
'"host":"$remote_addr",'
|
||||||
"\tua:$http_user_agent\ttaken_sec:$request_time"
|
'"forwardedfor":"$http_x_forwarded_for",'
|
||||||
"\tbackend:$upstream_addr\tbackend_status:$upstream_status"
|
'"method":"$request_method",'
|
||||||
"\tcache:$upstream_http_x_cache\tbackend_runtime:$upstream_response_time"
|
'"path":"$request_uri",'
|
||||||
"\tvhost:$host";
|
'"protocol":"$server_protocol",'
|
||||||
|
'"status":"$status",'
|
||||||
|
'"size":"$body_bytes_sent",'
|
||||||
|
'"referer":"$http_referer",'
|
||||||
|
'"ua":"$http_user_agent",'
|
||||||
|
'"taken_sec":"$request_time",'
|
||||||
|
'"backend":"$upstream_addr",'
|
||||||
|
'"backend_status":"$upstream_status",'
|
||||||
|
'"cache":"$upstream_http_x_cache",'
|
||||||
|
'"backend_runtime":"$upstream_response_time",'
|
||||||
|
'"vhost":"$host"'
|
||||||
|
'}';
|
||||||
|
|
||||||
access_log /var/log/nginx/access.log ltsv;
|
access_log /var/log/nginx/access.log json;
|
||||||
error_log /var/log/nginx/error.log;
|
error_log /var/log/nginx/error.log;
|
||||||
|
|
||||||
##
|
##
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Vector
|
||||||
|
Documentation=https://vector.dev
|
||||||
|
After=network-online.target
|
||||||
|
Requires=network-online.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
ExecStart=/usr/bin/vector --config /etc/vector/nginx-access.toml
|
||||||
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
|
Restart=always
|
||||||
|
StandardOutput=journal
|
||||||
|
StandardError=journal
|
||||||
|
SyslogIdentifier=vector
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Vector
|
||||||
|
Documentation=https://vector.dev
|
||||||
|
After=network-online.target
|
||||||
|
Requires=network-online.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
ExecStart=/usr/bin/vector --config /etc/vector/nginx-error.toml
|
||||||
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
|
Restart=always
|
||||||
|
StandardOutput=journal
|
||||||
|
StandardError=journal
|
||||||
|
SyslogIdentifier=vector
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -0,0 +1,65 @@
|
||||||
|
data_dir = "/var/lib/vector/"
|
||||||
|
|
||||||
|
[sources.nginx]
|
||||||
|
type = "file"
|
||||||
|
include = [ "/var/log/nginx/*access.log" ]
|
||||||
|
ignore_older_secs = 600
|
||||||
|
read_from = "beginning"
|
||||||
|
|
||||||
|
[transforms.nginx_transform]
|
||||||
|
type = "remap"
|
||||||
|
inputs = ["nginx"]
|
||||||
|
source = '''
|
||||||
|
.hostname = .host
|
||||||
|
|
||||||
|
l = parse_json!(.message)
|
||||||
|
. = merge!(., l)
|
||||||
|
|
||||||
|
del(.message)
|
||||||
|
del(.host)
|
||||||
|
|
||||||
|
.status = string!(.status)
|
||||||
|
if match(.status, r'^[23]') {
|
||||||
|
.level = "info"
|
||||||
|
} else if match(.status, r'^[4]') {
|
||||||
|
.level = "warn"
|
||||||
|
} else {
|
||||||
|
.level = "error"
|
||||||
|
}
|
||||||
|
|
||||||
|
.timestamp = parse_timestamp!(.time, format: "%d/%b/%Y:%T %z")
|
||||||
|
del(.time)
|
||||||
|
'''
|
||||||
|
|
||||||
|
[sinks.nginx_output]
|
||||||
|
type = "file"
|
||||||
|
inputs = [ "nginx_transform" ]
|
||||||
|
compression = "none"
|
||||||
|
path = "/tmp/nginx-access-%Y-%m-%d.log"
|
||||||
|
|
||||||
|
[sinks.nginx_output.encoding]
|
||||||
|
codec = "json"
|
||||||
|
|
||||||
|
[sinks.nginx_output.buffer]
|
||||||
|
max_size = 268435488
|
||||||
|
type = "disk"
|
||||||
|
|
||||||
|
[sinks.nginx_loki]
|
||||||
|
type = "loki"
|
||||||
|
inputs = [ "nginx_transform" ]
|
||||||
|
endpoint = "http://loki.service.consul:3100"
|
||||||
|
compression = "snappy"
|
||||||
|
|
||||||
|
[sinks.nginx_loki.labels]
|
||||||
|
level = "{{ level }}"
|
||||||
|
hostname = "{{ hostname }}"
|
||||||
|
job = "nginx"
|
||||||
|
vhost = "{{ vhost }}"
|
||||||
|
|
||||||
|
[sinks.nginx_loki.encoding]
|
||||||
|
codec = "json"
|
||||||
|
|
||||||
|
[sinks.nginx_loki.buffer]
|
||||||
|
max_size = 268435488
|
||||||
|
type = "disk"
|
||||||
|
|
|
@ -0,0 +1,56 @@
|
||||||
|
data_dir = "/var/lib/vector/"
|
||||||
|
|
||||||
|
[sources.nginx-error]
|
||||||
|
type = "file"
|
||||||
|
include = [ "/var/log/nginx/*error.log" ]
|
||||||
|
ignore_older_secs = 600
|
||||||
|
read_from = "beginning"
|
||||||
|
|
||||||
|
[transforms.nginx-error_transform]
|
||||||
|
type = "remap"
|
||||||
|
inputs = ["nginx-error"]
|
||||||
|
source = '''
|
||||||
|
.hostname = .host
|
||||||
|
del(.host)
|
||||||
|
|
||||||
|
el, err = parse_regex(.message, r'^(?P<timestamp>[^ ]+ [^ ]+) (?P<level>[^ ]+) (?P<message>.*)$')
|
||||||
|
. = merge(., el)
|
||||||
|
|
||||||
|
tmp, err = replace(.level, "[", "")
|
||||||
|
.level = replace(tmp, "]", "")
|
||||||
|
|
||||||
|
.timestamp = parse_timestamp!(.timestamp, "%Y/%m/%d %T")
|
||||||
|
'''
|
||||||
|
|
||||||
|
[sinks.nginx-error_output]
|
||||||
|
type = "file"
|
||||||
|
inputs = [ "nginx-error_transform" ]
|
||||||
|
compression = "none"
|
||||||
|
path = "/tmp/nginx-error-%Y-%m-%d.log"
|
||||||
|
|
||||||
|
[sinks.nginx-error_output.encoding]
|
||||||
|
codec = "json"
|
||||||
|
|
||||||
|
[sinks.nginx-error_output.buffer]
|
||||||
|
max_size = 268435488
|
||||||
|
type = "disk"
|
||||||
|
|
||||||
|
[sinks.nginx-error_loki]
|
||||||
|
type = "loki"
|
||||||
|
inputs = [ "nginx-error_transform" ]
|
||||||
|
endpoint = "http://loki.service.consul:3100"
|
||||||
|
compression = "snappy"
|
||||||
|
|
||||||
|
[sinks.nginx-error_loki.labels]
|
||||||
|
level = "{{ level }}"
|
||||||
|
hostname = "{{ hostname }}"
|
||||||
|
vhost = "{{ vhost }}"
|
||||||
|
job = "nginx"
|
||||||
|
|
||||||
|
[sinks.nginx-error_loki.encoding]
|
||||||
|
codec = "json"
|
||||||
|
|
||||||
|
[sinks.nginx-error_loki.buffer]
|
||||||
|
max_size = 268435488
|
||||||
|
type = "disk"
|
||||||
|
|
|
@ -8,4 +8,4 @@
|
||||||
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module \
|
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module \
|
||||||
--with-http_v2_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module \
|
--with-http_v2_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module \
|
||||||
--with-http_addition_module --with-http_geoip_module --with-http_gunzip_module --with-http_gzip_static_module \
|
--with-http_addition_module --with-http_geoip_module --with-http_gunzip_module --with-http_gzip_static_module \
|
||||||
--with-http_sub_module --with-stream --with-stream_ssl_module
|
--with-http_sub_module --with-stream --with-stream_ssl_module --with-http_v3_module
|
||||||
|
|
|
@ -91,14 +91,14 @@ end
|
||||||
user 'root'
|
user 'root'
|
||||||
cwd LEGO_STORAGE
|
cwd LEGO_STORAGE
|
||||||
end
|
end
|
||||||
end
|
|
||||||
|
|
||||||
encrypted_remote_file '/etc/cron.d/lego' do
|
encrypted_remote_file "/etc/cron.d/#{domain}" do
|
||||||
owner 'root'
|
owner 'root'
|
||||||
group 'root'
|
group 'root'
|
||||||
mode '644'
|
mode '644'
|
||||||
source 'files/etc/cron.d/lego'
|
source "files/etc/cron.d/#{domain}"
|
||||||
password ENV['ITAMAE_PASSWORD']
|
password ENV['ITAMAE_PASSWORD']
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
remote_file "/etc/lego/dhparams_4096.pem" do
|
remote_file "/etc/lego/dhparams_4096.pem" do
|
||||||
|
|
|
@ -13,7 +13,7 @@ remote_file '/lib/systemd/system/nginx.service' do
|
||||||
end
|
end
|
||||||
|
|
||||||
# Firewall Setting:
|
# Firewall Setting:
|
||||||
%w( 80/tcp 443/tcp ).each do |port|
|
%w( 80/tcp 443/tcp 443/udp ).each do |port|
|
||||||
execute "ufw allow #{port}" do
|
execute "ufw allow #{port}" do
|
||||||
user 'root'
|
user 'root'
|
||||||
|
|
||||||
|
@ -35,25 +35,36 @@ service 'nginx' do
|
||||||
action [ :enable, :start ]
|
action [ :enable, :start ]
|
||||||
end
|
end
|
||||||
|
|
||||||
# Deploy `promtail` config file:
|
# Deploy `vector` config:
|
||||||
HOSTNAME = run_command('uname -n').stdout.chomp
|
remote_file '/etc/vector/nginx-access.toml' do
|
||||||
|
|
||||||
template '/etc/promtail/nginx.yaml' do
|
|
||||||
owner 'root'
|
|
||||||
group 'root'
|
|
||||||
mode '644'
|
|
||||||
|
|
||||||
variables(HOSTNAME: HOSTNAME, LOKIENDPOINT: node['promtail']['lokiendpoint'])
|
|
||||||
end
|
|
||||||
|
|
||||||
# Deploy the `systemd` configuration:
|
|
||||||
remote_file '/lib/systemd/system/promtail-nginx.service' do
|
|
||||||
owner 'root'
|
owner 'root'
|
||||||
group 'root'
|
group 'root'
|
||||||
mode '644'
|
mode '644'
|
||||||
end
|
end
|
||||||
|
|
||||||
# Service setting:
|
remote_file '/etc/systemd/system/vector-nginx-access.service' do
|
||||||
service 'promtail-nginx' do
|
owner 'root'
|
||||||
action [ :enable, :restart ]
|
group 'root'
|
||||||
|
mode '644'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
service 'vector-nginx-access' do
|
||||||
|
action [ :enable, :start ]
|
||||||
|
end
|
||||||
|
|
||||||
|
remote_file '/etc/vector/nginx-error.toml' do
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '644'
|
||||||
|
end
|
||||||
|
|
||||||
|
remote_file '/etc/systemd/system/vector-nginx-error.service' do
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '644'
|
||||||
|
end
|
||||||
|
|
||||||
|
service 'vector-nginx-error' do
|
||||||
|
action [ :enable, :start ]
|
||||||
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue