replace certbot log rotation with logrotate

This commit is contained in:
Daniel Micay 2024-02-13 11:56:53 -05:00
parent e81e9feef3
commit 2e7058e9c4
3 changed files with 43 additions and 1 deletions

38
logrotate.conf Normal file
View File

@ -0,0 +1,38 @@
# see "man logrotate" for details
# rotate log files daily
daily
# keep 10 days worth of backlogs
rotate 10
# restrict maximum size of log files
#size 20M
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
#compress
# Logs are moved into directory for rotation
# olddir /var/log/archive
# Ignore pacman saved files
tabooext + .pacorig .pacnew .pacsave
# Arch packages drop log rotation information into this directory
include /etc/logrotate.d
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}

4
logrotate.d/letsencrypt Normal file
View File

@ -0,0 +1,4 @@
/var/log/letsencrypt/*.log {
missingok
nocreate
}

View File

@ -2,7 +2,7 @@
CapabilityBoundingSet=
CPUSchedulingPolicy=batch
ExecStart=
ExecStart=/usr/bin/certbot -q renew --no-random-sleep-on-renew
ExecStart=/usr/bin/certbot -q renew --no-random-sleep-on-renew --max-log-backups 0
LockPersonality=true
MemoryDenyWriteExecute=true
PrivateDevices=true