services: Add log rotation to most networking services.

This adds a simple log rotation extension to every networking service that
specifies a #:log-file in its Shepherd service, which should prevent some logs
from accumulating indefinitely.

* gnu/services/networking.scm (%ntp-log-rotation): New variable.
(ntp-service-type): Extend 'rottlog-service-type'.
(openntpd-shepherd-service): Change #:log-file argument to "/var/log/ntpd.log".
(openntpd-service-type): Extend 'rottlog-service-type'.
(%tor-log-rotation): New variable.
(tor-service-type): Extend 'rottlog-service-type'.
(%connman-log-rotation): New variable.
(connman-service-type): Extend 'rottlog-service-type'.
(%hostapd-log-rotation): New variable.
(hostapd-service-type): Extend 'rottlog-service-type'.
(%pagekite-log-rotation): New variable.
(pagekite-service-type): Extend 'rottlog-service-type'.
(%yggdrasil-log-rotation): New variable.
(yggdrasil-service-type): Extend 'rottlog-service-type'.
(%ipfs-log-rotation): New variable.
(ipfs-service-type): Extend 'rottlog-service-type'.
(%keepalived-log-rotation): New variable.
(keepalived-service-type): Extend 'rottlog-service-type'.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
ykonai 2022-05-23 21:39:08 +02:00 committed by Ludovic Courtès
parent 3e59d41df0
commit 29c9317808
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5


@ -41,6 +41,7 @@ (define-module (gnu services networking)
#:use-module (gnu services linux) #:use-module (gnu services linux)
#:use-module (gnu services shepherd) #:use-module (gnu services shepherd)
#:use-module (gnu services dbus) #:use-module (gnu services dbus)
#:use-module (gnu services admin)
#:use-module (gnu system shadow) #:use-module (gnu system shadow)
#:use-module (gnu system pam) #:use-module (gnu system pam)
#:use-module ((gnu system file-systems) #:select (file-system-mapping)) #:use-module ((gnu system file-systems) #:select (file-system-mapping))
@ -384,6 +385,11 @@ (define dhcpd-service-type
;;; NTP. ;;; NTP.
;;; ;;;
(define %ntp-log-rotation
(list (log-rotation
(files '("/var/log/ntpd.log")))))
(define ntp-server-types (make-enumeration (define ntp-server-types (make-enumeration
'(pool '(pool
server server
@ -532,7 +538,9 @@ (define ntp-service-type
(service-extension account-service-type (service-extension account-service-type
(const %ntp-accounts)) (const %ntp-accounts))
(service-extension activation-service-type (service-extension activation-service-type
ntp-service-activation))) ntp-service-activation)
(service-extension rottlog-service-type
(const %ntp-log-rotation))))
(description (description
"Run the @command{ntpd}, the Network Time Protocol (NTP) "Run the @command{ntpd}, the Network Time Protocol (NTP)
daemon of the @uref{http://www.ntp.org, Network Time Foundation}. The daemon daemon of the @uref{http://www.ntp.org, Network Time Foundation}. The daemon
@ -614,7 +622,7 @@ (define ntpd.conf
;; When ntpd is daemonized it repeatedly tries to respawn ;; When ntpd is daemonized it repeatedly tries to respawn
;; while running, leading shepherd to disable it. To ;; while running, leading shepherd to disable it. To
;; prevent spamming stderr, redirect output to logfile. ;; prevent spamming stderr, redirect output to logfile.
#:log-file "/var/log/ntpd")) #:log-file "/var/log/ntpd.log"))
(stop #~(make-kill-destructor)))))) (stop #~(make-kill-destructor))))))
(define (openntpd-service-activation config) (define (openntpd-service-activation config)
@ -640,7 +648,9 @@ (define openntpd-service-type
(service-extension profile-service-type (service-extension profile-service-type
(compose list openntpd-configuration-openntpd)) (compose list openntpd-configuration-openntpd))
(service-extension activation-service-type (service-extension activation-service-type
openntpd-service-activation))) openntpd-service-activation)
(service-extension rottlog-service-type
(const %ntp-log-rotation))))
(default-value (openntpd-configuration)) (default-value (openntpd-configuration))
(description (description
"Run the @command{ntpd}, the Network Time Protocol (NTP) "Run the @command{ntpd}, the Network Time Protocol (NTP)
@ -987,6 +997,10 @@ (define (tor-shepherd-service config)
(stop #~(make-kill-destructor)) (stop #~(make-kill-destructor))
(documentation "Run the Tor anonymous network overlay.")))))))) (documentation "Run the Tor anonymous network overlay."))))))))
(define %tor-log-rotation
(list (log-rotation
(files '("/var/log/tor.log")))))
(define (tor-activation config) (define (tor-activation config)
"Set up directories for Tor and its hidden services, if any." "Set up directories for Tor and its hidden services, if any."
#~(begin #~(begin
@ -1032,7 +1046,9 @@ (define tor-service-type
(service-extension account-service-type (service-extension account-service-type
(const %tor-accounts)) (const %tor-accounts))
(service-extension activation-service-type (service-extension activation-service-type
tor-activation))) tor-activation)
(service-extension rottlog-service-type
(const %tor-log-rotation))))
;; This can be extended with hidden services. ;; This can be extended with hidden services.
(compose concatenate) (compose concatenate)
@ -1314,6 +1330,10 @@ (define (connman-shepherd-service config)
#:log-file "/var/log/connman.log")) #:log-file "/var/log/connman.log"))
(stop #~(make-kill-destructor))))))) (stop #~(make-kill-destructor)))))))
(define %connman-log-rotation
(list (log-rotation
(files '("/var/log/connman.log")))))
(define connman-service-type (define connman-service-type
(let ((connman-package (compose list connman-configuration-connman))) (let ((connman-package (compose list connman-configuration-connman)))
(service-type (name 'connman) (service-type (name 'connman)
@ -1328,7 +1348,9 @@ (define connman-service-type
connman-activation) connman-activation)
;; Add connman to the system profile. ;; Add connman to the system profile.
(service-extension profile-service-type (service-extension profile-service-type
connman-package))) connman-package)
(service-extension rottlog-service-type
(const %connman-log-rotation))))
(default-value (connman-configuration)) (default-value (connman-configuration))
(description (description
"Run @url{https://01.org/connman,Connman}, "Run @url{https://01.org/connman,Connman},
@ -1570,12 +1592,18 @@ (define* (hostapd-shepherd-services config #:key (requirement '()))
#:log-file "/var/log/hostapd.log")) #:log-file "/var/log/hostapd.log"))
(stop #~(make-kill-destructor))))) (stop #~(make-kill-destructor)))))
(define %hostapd-log-rotation
(list (log-rotation
(files '("/var/log/hostapd.log")))))
(define hostapd-service-type (define hostapd-service-type
(service-type (service-type
(name 'hostapd) (name 'hostapd)
(extensions (extensions
(list (service-extension shepherd-root-service-type (list (service-extension shepherd-root-service-type
hostapd-shepherd-services))) hostapd-shepherd-services)
(service-extension rottlog-service-type
(const %hostapd-log-rotation))))
(description (description
"Run the @uref{https://w1.fi/hostapd/, hostapd} daemon for Wi-Fi access "Run the @uref{https://w1.fi/hostapd/, hostapd} daemon for Wi-Fi access
points and authentication servers."))) points and authentication servers.")))
@ -1867,6 +1895,10 @@ (define (pagekite-shepherd-service config)
;; SIGTERM doesn't always work for some reason. ;; SIGTERM doesn't always work for some reason.
(stop #~(make-kill-destructor SIGINT)))))) (stop #~(make-kill-destructor SIGINT))))))
(define %pagekite-log-rotation
(list (log-rotation
(files '("/var/log/pagekite.log")))))
(define %pagekite-accounts (define %pagekite-accounts
(list (user-group (name "pagekite") (system? #t)) (list (user-group (name "pagekite") (system? #t))
(user-account (user-account
@ -1885,7 +1917,9 @@ (define pagekite-service-type
(list (service-extension shepherd-root-service-type (list (service-extension shepherd-root-service-type
(compose list pagekite-shepherd-service)) (compose list pagekite-shepherd-service))
(service-extension account-service-type (service-extension account-service-type
(const %pagekite-accounts)))) (const %pagekite-accounts))
(service-extension rottlog-service-type
(const %pagekite-log-rotation))))
(description (description
"Run @url{https://pagekite.net/,PageKite}, a tunneling solution to make "Run @url{https://pagekite.net/,PageKite}, a tunneling solution to make
local servers publicly accessible on the web, even behind NATs and firewalls."))) local servers publicly accessible on the web, even behind NATs and firewalls.")))
@ -1976,6 +2010,10 @@ (define yggdrasil-command
#:group "yggdrasil")) #:group "yggdrasil"))
(stop #~(make-kill-destructor))))) (stop #~(make-kill-destructor)))))
(define %yggdrasil-log-rotation
(list (log-rotation
(files '("/var/log/yggdrasil.log")))))
(define %yggdrasil-accounts (define %yggdrasil-accounts
(list (user-group (name "yggdrasil") (system? #t)))) (list (user-group (name "yggdrasil") (system? #t))))
@ -1991,7 +2029,9 @@ (define yggdrasil-service-type
(service-extension account-service-type (service-extension account-service-type
(const %yggdrasil-accounts)) (const %yggdrasil-accounts))
(service-extension profile-service-type (service-extension profile-service-type
(compose list yggdrasil-configuration-package)))))) (compose list yggdrasil-configuration-package))
(service-extension rottlog-service-type
(const %yggdrasil-log-rotation))))))
;;; ;;;
@ -2061,6 +2101,10 @@ (define ipfs-daemon-command
#:environment-variables #$%ipfs-environment)) #:environment-variables #$%ipfs-environment))
(stop #~(make-kill-destructor))))) (stop #~(make-kill-destructor)))))
(define %ipfs-log-rotation
(list (log-rotation
(files '("/var/log/ipfs.log")))))
(define (%ipfs-activation config) (define (%ipfs-activation config)
"Return an activation gexp for IPFS with CONFIG" "Return an activation gexp for IPFS with CONFIG"
(define (exec-command . args) (define (exec-command . args)
@ -2116,7 +2160,9 @@ (define ipfs-service-type
(service-extension activation-service-type (service-extension activation-service-type
%ipfs-activation) %ipfs-activation)
(service-extension shepherd-root-service-type (service-extension shepherd-root-service-type
ipfs-shepherd-service))) ipfs-shepherd-service)
(service-extension rottlog-service-type
(const %ipfs-log-rotation))))
(default-value (ipfs-configuration)) (default-value (ipfs-configuration))
(description (description
"Run @command{ipfs daemon}, the reference implementation "Run @command{ipfs daemon}, the reference implementation
@ -2153,10 +2199,16 @@ (define keepalived-shepherd-service
(respawn? #f) (respawn? #f)
(stop #~(make-kill-destructor))))))) (stop #~(make-kill-destructor)))))))
(define %keepalived-log-rotation
(list (log-rotation
(files '("/var/log/keepalived.log")))))
(define keepalived-service-type (define keepalived-service-type
(service-type (name 'keepalived) (service-type (name 'keepalived)
(extensions (list (service-extension shepherd-root-service-type (extensions (list (service-extension shepherd-root-service-type
keepalived-shepherd-service))) keepalived-shepherd-service)
(service-extension rottlog-service-type
(const %keepalived-log-rotation))))
(description (description
"Run @uref{https://www.keepalived.org/, Keepalived} "Run @uref{https://www.keepalived.org/, Keepalived}
routing software."))) routing software.")))
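Review bot: The new `log-rotation` records, starting with `%ntp-log-rotation` and repeated for tor, connman, hostapd, pagekite, yggdrasil, ipfs and keepalived, list only `files` and set no `post-rotate` action, although each file is written through a Shepherd `#:log-file` redirection that presumably keeps its descriptor open while the service runs. If the default rotation options move the file aside rather than truncating it in place (they are defined outside this diff, so this needs confirming), output would keep going to the rotated file and the fresh log would stay empty, quietly ending the visible audit trail for services such as tor and hostapd. I would either add a `post-rotate` step that makes the writer reopen its log, or document the expectation next to each variable, e.g. `;; Rotated with the default options; the writer must reopen this file after rotation.` The openntpd rename from `/var/log/ntpd` to `/var/log/ntpd.log` also leaves an existing `/var/log/ntpd` on upgraded systems outside any rotation. The shepherd service definitions that open these files lie mostly outside the hunks, so the redirection details are inferred from the visible `#:log-file` lines.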