Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2025-11-24 16:53:07 -05:00
Code Issues Projects Releases Packages Wiki Activity

syslog-ng: add socket for nginx error logs

Browse source 
The error log is fairly quiet during regular use but can end up logging
one or more lines per request during DDoS attacks. Errors are logged for
worker_connections depletion and limit_conn rejections. There's also
currently an nginx bug with modern TLS and OpenSSL causing some client
side TLS errors to be logged as crit instead of info.
This commit is contained in:
Daniel Micay 2025-11-03 11:38:52 -05:00
parent 386d332aaf
commit 39b6de58dd
1 changed files with 14 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

18
etc/syslog-ng/syslog-ng.conf
View file

@ -3,24 +3,34 @@
source s_internal {
internal();
};
source s_nginx_access_log {
source s_nginx_access {
unix-dgram("/run/nginx-access-log" group("http") perm(0660));
};
source s_nginx_error {
unix-dgram("/run/nginx-error-log" group("http") perm(0660));
};
destination d_journald {
unix-dgram("/dev/log");
};
destination d_nginx {
destination d_nginx_access {
file("/var/log/nginx/access.log" template("${MESSAGE}\n"));
};
destination d_nginx_error {
file("/var/log/nginx/error.log" template("${MESSAGE}\n"));
};
log {
source(s_internal);
destination(d_journald);
};
log {
source(s_nginx_access_log);
destination(d_nginx);
source(s_nginx_access);
destination(d_nginx_access);
};
log {
source(s_nginx_error);
destination(d_nginx_error);
};
options {