Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2025-11-24 00:33:09 -05:00
Code Issues Projects Releases Packages Wiki Activity
829 commits 1 branch 0 tags 3.4 MiB
Commit graph

5 commits

Author SHA1 Message Date
Daniel Micay
c9fae6c345 syslog-ng: split nginx configuration into conf.d 2025-11-08 13:44:52 -05:00
Daniel Micay
3682298d01 syslog-ng: raise frac-digits to 3 2025-11-08 02:41:34 -05:00
Daniel Micay
a05232d2f6 add syslog-ng include directory 2025-11-08 01:41:56 -05:00
Daniel Micay
39b6de58dd syslog-ng: add socket for nginx error logs 
The error log is fairly quiet during regular use but can end up logging
one or more lines per request during DDoS attacks. Errors are logged for
worker_connections depletion and limit_conn rejections. There's also
currently an nginx bug with modern TLS and OpenSSL causing some client
side TLS errors to be logged as crit instead of info.
 2025-11-03 12:53:24 -05:00
Daniel Micay
2caa67529a set up syslog-ng for nginx access log 
This sets up the infrastructure for moving from storing nginx access
logs in journald to plain text files written by syslog-ng and rotated by
logrotate. This works around the poor performance, poor space efficiency
and lack of archived log compression for journald. Unlike writing access
logs directly with nginx, this continues avoiding blocking writes in the
event loop and sticks to asynchronous sends through a socket.

Since nginx only supports syslog via the RFC 3164 protocol rather than
the more modern RFC 5424 protocol, this leaves formatting timestamps up
to nginx rather than using the ones provided via the syslog protocol.
 2025-11-03 00:33:28 -05:00