I set it to debug at somepoint and forgot maybe? Idk, but why the heck does the default config of the official Docker is to keep all logs, forever, in a single file woth no rotation?
Feels like 101 of log files. Anyway, this explains why my storage recipt grew slowly but unexpectedly.
You should always setup logrotate. Yes the good old Linux logrotate…
I don’t disagree that logrotate is a sensible answer here, but making that the responsibility of the user is silly.
Are you crazy? I understand that we are used to dumbed down stuff, but come on…
Rotating logs is in the ABC of any sysadmin, even before backups.
First, secure your ssh logins, then secure your logs, then your fail2ban then your backups…
To me, that’s in the basic stuff you must always ensure.
This is a docker! If your docker is marketed as ready to go and all-in-one, it should have basic things like that.
If I were running this as a full system with a user base then of course I would go over everything and make sure it all makes sebse for my needs. But since my needs were just a running nc instance, it would make sense to run a simple docker with mostly default config. If your docker by default has terrible config, then you are missing the point a bit.
Dockers images are often incoherent and just different from one a other so much that you should never give something as expected and doublecheck the basics.
Docker was never meant do deploy services, and I shows.
What? Like, yeah you are responsible to do your own checks, sure. but the fuq you said about docker?
It’s absolutely meant to deploy services, that’s its entire purpose…
Logration is the abc of the developer.
Why should I need 3rd party tools to fix the work of the developer??
Why is that? Really? The Dev should replace a system function? And implement over and over again the same errors when logrotate exist?
Is it default on every distro? If not, then it’s the responsibility of the dev.
Yes, that’s exactly what we’re arguing here. The developer also should replace autotools/cmake, git, … Don’t be daft! Packaging sane defaults for logrotate is now replacing a system function?
Docker is supposed to run a single process Logrotate is a separate process. So unless the application handles rotating logs, the container shouldn’t handle it.
Those should also all be secure by default. What is this, Windows?
Just basic checks I prefer to ensure, not leave to distribution good faith. If all is set, good to go. Otherwise, fix and move on.
Specially with self hosted stuff that is a bit more custom than the usual.
We should each not have to configure log rotation for every individual service. That would require identify what and how it logs data in the first place, then implementing a logrotate config. Services should include a reasonable default in logrotate.d as part of their install package.
Docker services should let docker handle it, and the user could then manage it through Docker or forward to some other logging service (syslog, systemd, etc). Processes in containers shouldn’t touch rotation or anything, just log levels and maybe which types of logs go to stdout vs stderr.
Agreed, but going container route those nice basic practices are dead.
And also, being mextcloud a php service, of can’t by definition ship with a logrotate config too, because its never packaged by your repo.
The fact (IMHO) is that the logs shouldn’t be there, in a persistent volume.
Probably, but still, if they are, just rotate them.
Ideally yes, but I’ve had to do this regularly for many services developed both in-house and out of house.
Solve problems, and maybe share your work if you like, I think we all appreciate it.