Delay compression of shorewall log files
authorTom Hughes <tom@compton.nu>
Mon, 30 Mar 2015 08:00:24 +0000 (09:00 +0100)
committerTom Hughes <tom@compton.nu>
Mon, 30 Mar 2015 08:00:24 +0000 (09:00 +0100)
cookbooks/networking/recipes/default.rb
cookbooks/networking/templates/default/logrotate.shorewall.erb [new file with mode: 0644]

index 5cb43e807d2376cec48bac71f1c395049fe46046..fe01c04e5634919c7d15c04c41b524805e535d20 100644 (file)
@@ -189,6 +189,14 @@ template "/etc/shorewall/rules" do
   notifies :restart, "service[shorewall]"
 end
 
+template "/etc/logrotate.d/shorewall" do
+  source "logrotate.shorewall.erb"
+  owner "root"
+  group "root"
+  mode 0644
+  variables :name => "shorewall"
+end
+
 firewall_rule "limit-icmp-echo" do
   action :accept
   family :inet
@@ -294,6 +302,14 @@ unless node.interfaces(:family => :inet6).empty?
     notifies :restart, "service[shorewall6]"
   end
 
+  template "/etc/logrotate.d/shorewall6" do
+    source "logrotate.shorewall.erb"
+    owner "root"
+    group "root"
+    mode 0644
+    variables :name => "shorewall6"
+  end
+
   firewall_rule "limit-icmp6-echo" do
     action :accept
     family :inet6
diff --git a/cookbooks/networking/templates/default/logrotate.shorewall.erb b/cookbooks/networking/templates/default/logrotate.shorewall.erb
new file mode 100644 (file)
index 0000000..c95ba74
--- /dev/null
@@ -0,0 +1,10 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+/var/log/<%= @name %>-init.log {
+    weekly
+    rotate 4
+    compress
+    delaycompress
+    missingok
+    create 0640 root adm
+}