From f73b2ce91969966cebf05ed2da6d9073d634d9f1 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 30 Apr 2025 18:25:14 +0900 Subject: [PATCH] update docker for log-dir option --- .gitignore | 1 + CHANGELOG.md | 9 ++++++++- docker/Dockerfile | 12 ++++++------ docker/README.md | 7 +++---- docker/docker-compose-slim.yml | 3 +-- docker/docker-compose.yml | 3 +-- docker/entrypoint.sh | 31 +++++++++++++++++++++---------- docker/run.sh | 18 ++++++------------ 8 files changed, 47 insertions(+), 37 deletions(-) diff --git a/.gitignore b/.gitignore index f53ee49..20b6fd3 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,7 @@ docker/log docker/cache docker/config +docker/acme_registry # Generated by Cargo # will have compiled files and executables diff --git a/CHANGELOG.md b/CHANGELOG.md index c54ced1..a76b24d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,12 +1,19 @@ # CHANGELOG -## 0.10.0 (Unreleased) +## 0.10.1 or 0.11.0 (Unreleased) + +## 0.10.0 ### Important Changes - [Breaking] We removed non-`watch` execute option and enabled the dynamic reloading of the config file by default. - We newly added `log-dir` execute option to specify the directory for `access.log`,`error.log` and `rpxy.log`. This is optional, and if not specified, the logs are written to the standard output by default. +### Improvement + +- Refactor: lots of minor improvements +- Deps + ## 0.9.7 ### Improvement diff --git a/docker/Dockerfile b/docker/Dockerfile index c213bc1..8d9ff29 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -2,13 +2,13 @@ FROM ubuntu:24.04 AS base LABEL maintainer="Jun Kurihara" SHELL ["/bin/sh", "-x", "-c"] -ENV SERIAL 2 +ENV SERIAL=2 ######################################## FROM --platform=$BUILDPLATFORM base AS builder ENV CFLAGS=-Ofast -ENV BUILD_DEPS curl make ca-certificates build-essential +ENV BUILD_DEPS="curl make ca-certificates build-essential" ENV TARGET_SUFFIX=unknown-linux-gnu WORKDIR /tmp @@ -17,9 +17,9 @@ COPY . /tmp/ ARG TARGETARCH ARG CARGO_FEATURES -ENV CARGO_FEATURES ${CARGO_FEATURES} +ENV CARGO_FEATURES="${CARGO_FEATURES}" ARG ADDITIONAL_DEPS -ENV ADDITIONAL_DEPS ${ADDITIONAL_DEPS} +ENV ADDITIONAL_DEPS="${ADDITIONAL_DEPS}" RUN if [ $TARGETARCH = "amd64" ]; then \ echo "x86_64" > /arch; \ @@ -30,7 +30,7 @@ RUN if [ $TARGETARCH = "amd64" ]; then \ exit 1; \ fi -ENV RUSTFLAGS "-C link-arg=-s" +ENV RUSTFLAGS="-C link-arg=-s" RUN update-ca-certificates 2> /dev/null || true @@ -48,7 +48,7 @@ RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS ${ ######################################## FROM --platform=$TARGETPLATFORM base AS runner -ENV RUNTIME_DEPS logrotate ca-certificates gosu +ENV RUNTIME_DEPS="logrotate ca-certificates gosu" RUN apt-get update && \ apt-get install -qy --no-install-recommends $RUNTIME_DEPS && \ diff --git a/docker/README.md b/docker/README.md index 6fb5135..f2de23b 100644 --- a/docker/README.md +++ b/docker/README.md @@ -9,11 +9,10 @@ There are several docker-specific environment variables. - `HOST_USER` (default: `user`): User name executing `rpxy` inside the container. - `HOST_UID` (default: `900`): `UID` of `HOST_USER`. - `HOST_GID` (default: `900`): `GID` of `HOST_USER` -- `LOG_LEVEL=debug|info|warn|error`: Log level -- `LOG_TO_FILE=true|false`: Enable logging to the log file `/rpxy/log/rpxy.log` using `logrotate`. You should mount `/rpxy/log` via docker volume option if enabled. The log dir and file will be owned by the `HOST_USER` with `HOST_UID:HOST_GID` on the host machine. Hence, `HOST_USER`, `HOST_UID` and `HOST_GID` should be the same as ones of the user who executes the `rpxy` docker container on the host. -- `WATCH=true|false` (default: `false`): Activate continuous watching of the config file if true. +- `LOG_LEVEL=trace|debug|info|warn|error`: Log level +- `LOG_TO_FILE=true|false`: Enable logging to the log files using `logrotate` (locations: system/error log = `/rpxy/log/rpxy.log`, and access log = `/rpxy/log/access.log`). You should mount `/rpxy/log` via docker volume option if enabled. The log dir and file will be owned by the `HOST_USER` with `HOST_UID:HOST_GID` on the host machine. Hence, `HOST_USER`, `HOST_UID` and `HOST_GID` should be the same as ones of the user who executes the `rpxy` docker container on the host. -Then, all you need is to mount your `config.toml` as `/etc/rpxy.toml` and certificates/private keys as you like through the docker volume option. **If `WATCH=true`, You need to mount a directory, e.g., `./rpxy-config/`, including `rpxy.toml` on `/rpxy/config` instead of a file to correctly track file changes**. This is a docker limitation. Even if `WATCH=false`, you can mount the dir onto `/rpxy/config` rather than `/etc/rpxy.toml`. A file mounted on `/etc/rpxy` is prioritized over a dir mounted on `/rpxy/config`. +Then, all you need is to mount your `config.toml` as `/etc/rpxy.toml` and certificates/private keys as you like through the docker volume option. **You need to mount a directory, e.g., `./rpxy-config/`, including `rpxy.toml` on `/rpxy/config` instead of a file to dynamically track file changes**. This is a docker limitation. You can mount the dir onto `/rpxy/config` rather than `/etc/rpxy.toml`. A file mounted on `/etc/rpxy` is prioritized over a dir mounted on `/rpxy/config`. See [`docker-compose.yml`](./docker-compose.yml) for the detailed configuration. Note that the file path of keys and certificates must be ones in your docker container. diff --git a/docker/docker-compose-slim.yml b/docker/docker-compose-slim.yml index 0337d20..0c79f4c 100644 --- a/docker/docker-compose-slim.yml +++ b/docker/docker-compose-slim.yml @@ -20,12 +20,11 @@ services: # - "linux/amd64" - "linux/arm64" environment: - - LOG_LEVEL=debug + - LOG_LEVEL=trace - LOG_TO_FILE=true - HOST_USER=jun - HOST_UID=501 - HOST_GID=501 - # - WATCH=true tty: false privileged: true volumes: diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index a8ad4af..28f5b03 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -20,12 +20,11 @@ services: # - "linux/amd64" - "linux/arm64" environment: - - LOG_LEVEL=debug + - LOG_LEVEL=trace - LOG_TO_FILE=true - HOST_USER=jun - HOST_UID=501 - HOST_GID=501 - # - WATCH=true tty: false privileged: true volumes: diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index d7fee43..bf11a13 100644 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -1,6 +1,7 @@ #!/usr/bin/env sh LOG_DIR=/rpxy/log -LOG_FILE=${LOG_DIR}/rpxy.log +SYSTEM_LOG_FILE=${LOG_DIR}/rpxy.log +ACCESS_LOG_FILE=${LOG_DIR}/access.log LOG_SIZE=10M LOG_NUM=10 @@ -43,8 +44,24 @@ include /etc/logrotate.d # system-specific logs may be also be configured here. EOF - cat > /etc/logrotate.d/rpxy.conf << EOF -${LOG_FILE} { + cat > /etc/logrotate.d/rpxy-system.conf << EOF +${SYSTEM_LOG_FILE} { + dateext + daily + missingok + rotate ${LOG_NUM} + notifempty + compress + delaycompress + dateformat -%Y-%m-%d-%s + size ${LOG_SIZE} + copytruncate + su ${USER} ${USER} +} +EOF + + cat > /etc/logrotate.d/rpxy-access.conf << EOF +${ACCESS_LOG_FILE} { dateext daily missingok @@ -157,10 +174,4 @@ fi # Run rpxy cd /rpxy echo "rpxy: Start with user: ${USER} (${USER_ID}:${GROUP_ID})" -if "${LOGGING}"; then - echo "rpxy: Start with writing log file" - gosu ${USER} sh -c "/rpxy/run.sh 2>&1 | tee ${LOG_FILE}" -else - echo "rpxy: Start without writing log file" - gosu ${USER} sh -c "/rpxy/run.sh 2>&1" -fi +gosu ${USER} sh -c "/rpxy/run.sh 2>&1" diff --git a/docker/run.sh b/docker/run.sh index 25f50d6..cfb726d 100644 --- a/docker/run.sh +++ b/docker/run.sh @@ -1,5 +1,7 @@ #!/usr/bin/env sh CONFIG_FILE=/etc/rpxy.toml +LOG_DIR=/rpxy/log +LOGGING=${LOG_TO_FILE:-false} # debug level logging if [ -z $LOG_LEVEL ]; then @@ -7,19 +9,11 @@ if [ -z $LOG_LEVEL ]; then fi echo "rpxy: Logging with level ${LOG_LEVEL}" -# continuously watch and reload the config file -if [ -z $WATCH ]; then - WATCH=false -else - if [ "$WATCH" = "true" ]; then - WATCH=true - else - WATCH=false - fi -fi -if $WATCH ; then - RUST_LOG=${LOG_LEVEL} /rpxy/bin/rpxy --config ${CONFIG_FILE} -w +if "${LOGGING}"; then + echo "rpxy: Start with writing log files" + RUST_LOG=${LOG_LEVEL} /rpxy/bin/rpxy --config ${CONFIG_FILE} --log-dir ${LOG_DIR} else + echo "rpxy: Start without writing log files" RUST_LOG=${LOG_LEVEL} /rpxy/bin/rpxy --config ${CONFIG_FILE} fi