update docker for log-dir option

2025-04-30 18:25:14 +09:00 · 2025-04-30 18:25:14 +09:00 · f73b2ce919
commit f73b2ce919
parent 9947a1e81a
8 changed files with 47 additions and 37 deletions
--- a/.gitignore
+++ b/.gitignore
@ -3,6 +3,7 @@
 docker/log
 docker/cache
 docker/config
+docker/acme_registry

 # Generated by Cargo
 # will have compiled files and executables
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,12 +1,19 @@
 # CHANGELOG

-## 0.10.0 (Unreleased)
+## 0.10.1 or 0.11.0 (Unreleased)
+
+## 0.10.0

 ### Important Changes

 - [Breaking] We removed non-`watch` execute option and enabled the dynamic reloading of the config file by default.
 - We newly added `log-dir` execute option to specify the directory for `access.log`,`error.log` and `rpxy.log`. This is optional, and if not specified, the logs are written to the standard output by default.

+### Improvement
+
+- Refactor: lots of minor improvements
+- Deps
+
 ## 0.9.7

 ### Improvement
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -2,13 +2,13 @@ FROM ubuntu:24.04 AS base
 LABEL maintainer="Jun Kurihara"

 SHELL ["/bin/sh", "-x", "-c"]
-ENV SERIAL 2
+ENV SERIAL=2

 ########################################
 FROM --platform=$BUILDPLATFORM base AS builder

 ENV CFLAGS=-Ofast
-ENV BUILD_DEPS curl make ca-certificates build-essential
+ENV BUILD_DEPS="curl make ca-certificates build-essential"
 ENV TARGET_SUFFIX=unknown-linux-gnu

 WORKDIR /tmp
@ -17,9 +17,9 @@ COPY . /tmp/

 ARG TARGETARCH
 ARG CARGO_FEATURES
-ENV CARGO_FEATURES ${CARGO_FEATURES}
+ENV CARGO_FEATURES="${CARGO_FEATURES}"
 ARG ADDITIONAL_DEPS
-ENV ADDITIONAL_DEPS ${ADDITIONAL_DEPS}
+ENV ADDITIONAL_DEPS="${ADDITIONAL_DEPS}"

 RUN if [ $TARGETARCH = "amd64" ]; then \
  echo "x86_64" > /arch; \
@ -30,7 +30,7 @@ RUN if [ $TARGETARCH = "amd64" ]; then \
  exit 1; \
  fi

-ENV RUSTFLAGS "-C link-arg=-s"
+ENV RUSTFLAGS="-C link-arg=-s"

 RUN update-ca-certificates 2> /dev/null || true

@ -48,7 +48,7 @@ RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS ${
 ########################################
 FROM --platform=$TARGETPLATFORM base AS runner

-ENV RUNTIME_DEPS logrotate ca-certificates gosu
+ENV RUNTIME_DEPS="logrotate ca-certificates gosu"

 RUN apt-get update && \
  apt-get install -qy --no-install-recommends $RUNTIME_DEPS && \
--- a/docker/README.md
+++ b/docker/README.md
@ -9,11 +9,10 @@ There are several docker-specific environment variables.
 - `HOST_USER` (default: `user`): User name executing `rpxy` inside the container.
 - `HOST_UID` (default: `900`): `UID` of `HOST_USER`.
 - `HOST_GID` (default: `900`): `GID` of `HOST_USER`
- `LOG_LEVEL=debug|info|warn|error`: Log level
- `LOG_TO_FILE=true|false`: Enable logging to the log file `/rpxy/log/rpxy.log` using `logrotate`. You should mount `/rpxy/log` via docker volume option if enabled. The log dir and file will be owned by the `HOST_USER` with `HOST_UID:HOST_GID` on the host machine. Hence, `HOST_USER`, `HOST_UID` and `HOST_GID` should be the same as ones of the user who executes the `rpxy` docker container on the host.
- `WATCH=true|false` (default: `false`): Activate continuous watching of the config file if true.
+- `LOG_LEVEL=trace|debug|info|warn|error`: Log level
+- `LOG_TO_FILE=true|false`: Enable logging to the log files using `logrotate` (locations: system/error log = `/rpxy/log/rpxy.log`, and access log = `/rpxy/log/access.log`). You should mount `/rpxy/log` via docker volume option if enabled. The log dir and file will be owned by the `HOST_USER` with `HOST_UID:HOST_GID` on the host machine. Hence, `HOST_USER`, `HOST_UID` and `HOST_GID` should be the same as ones of the user who executes the `rpxy` docker container on the host.

-Then, all you need is to mount your `config.toml` as `/etc/rpxy.toml` and certificates/private keys as you like through the docker volume option. **If `WATCH=true`, You need to mount a directory, e.g., `./rpxy-config/`, including `rpxy.toml` on `/rpxy/config` instead of a file to correctly track file changes**. This is a docker limitation. Even if `WATCH=false`, you can mount the dir onto `/rpxy/config` rather than `/etc/rpxy.toml`. A file mounted on `/etc/rpxy` is prioritized over a dir mounted on `/rpxy/config`.
+Then, all you need is to mount your `config.toml` as `/etc/rpxy.toml` and certificates/private keys as you like through the docker volume option. **You need to mount a directory, e.g., `./rpxy-config/`, including `rpxy.toml` on `/rpxy/config` instead of a file to dynamically track file changes**. This is a docker limitation. You can mount the dir onto `/rpxy/config` rather than `/etc/rpxy.toml`. A file mounted on `/etc/rpxy` is prioritized over a dir mounted on `/rpxy/config`.

 See [`docker-compose.yml`](./docker-compose.yml) for the detailed configuration. Note that the file path of keys and certificates must be ones in your docker container.

--- a/docker/docker-compose-slim.yml
+++ b/docker/docker-compose-slim.yml
@ -20,12 +20,11 @@ services:
        # - "linux/amd64"
        - "linux/arm64"
    environment:
-      - LOG_LEVEL=debug
+      - LOG_LEVEL=trace
      - LOG_TO_FILE=true
      - HOST_USER=jun
      - HOST_UID=501
      - HOST_GID=501
-      # - WATCH=true
    tty: false
    privileged: true
    volumes:
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@ -20,12 +20,11 @@ services:
        # - "linux/amd64"
        - "linux/arm64"
    environment:
-      - LOG_LEVEL=debug
+      - LOG_LEVEL=trace
      - LOG_TO_FILE=true
      - HOST_USER=jun
      - HOST_UID=501
      - HOST_GID=501
-      # - WATCH=true
    tty: false
    privileged: true
    volumes:
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@ -1,6 +1,7 @@
 #!/usr/bin/env sh
 LOG_DIR=/rpxy/log
-LOG_FILE=${LOG_DIR}/rpxy.log
+SYSTEM_LOG_FILE=${LOG_DIR}/rpxy.log
+ACCESS_LOG_FILE=${LOG_DIR}/access.log
 LOG_SIZE=10M
 LOG_NUM=10

@ -43,8 +44,24 @@ include /etc/logrotate.d
 # system-specific logs may be also be configured here.
 EOF

-  cat > /etc/logrotate.d/rpxy.conf << EOF
-${LOG_FILE} {
+  cat > /etc/logrotate.d/rpxy-system.conf << EOF
+${SYSTEM_LOG_FILE} {
+    dateext
+    daily
+    missingok
+    rotate ${LOG_NUM}
+    notifempty
+    compress
+    delaycompress
+    dateformat -%Y-%m-%d-%s
+    size ${LOG_SIZE}
+    copytruncate
+    su ${USER} ${USER}
+}
+EOF
+
+  cat > /etc/logrotate.d/rpxy-access.conf << EOF
+${ACCESS_LOG_FILE} {
    dateext
    daily
    missingok
@ -157,10 +174,4 @@ fi
 # Run rpxy
 cd /rpxy
 echo "rpxy: Start with user: ${USER} (${USER_ID}:${GROUP_ID})"
-if "${LOGGING}"; then
-  echo "rpxy: Start with writing log file"
-  gosu ${USER} sh -c "/rpxy/run.sh 2>&1 | tee ${LOG_FILE}"
-else
-  echo "rpxy: Start without writing log file"
-  gosu ${USER} sh -c "/rpxy/run.sh 2>&1"
-fi
+gosu ${USER} sh -c "/rpxy/run.sh 2>&1"
--- a/docker/run.sh
+++ b/docker/run.sh
@ -1,5 +1,7 @@
 #!/usr/bin/env sh
 CONFIG_FILE=/etc/rpxy.toml
+LOG_DIR=/rpxy/log
+LOGGING=${LOG_TO_FILE:-false}

 # debug level logging
 if [ -z $LOG_LEVEL ]; then
@ -7,19 +9,11 @@ if [ -z $LOG_LEVEL ]; then
 fi
 echo "rpxy: Logging with level ${LOG_LEVEL}"

-# continuously watch and reload the config file
-if [ -z $WATCH ]; then
-  WATCH=false
-else
-  if [ "$WATCH" = "true" ]; then
-    WATCH=true
-  else
-    WATCH=false
-  fi
-fi

-if  $WATCH ; then
-  RUST_LOG=${LOG_LEVEL} /rpxy/bin/rpxy --config ${CONFIG_FILE} -w
+if "${LOGGING}"; then
+  echo "rpxy: Start with writing log files"
+  RUST_LOG=${LOG_LEVEL} /rpxy/bin/rpxy --config ${CONFIG_FILE} --log-dir ${LOG_DIR}
 else
+  echo "rpxy: Start without writing log files"
  RUST_LOG=${LOG_LEVEL} /rpxy/bin/rpxy --config ${CONFIG_FILE}
 fi