41 lines
921 B
Markdown
41 lines
921 B
Markdown
|
# Logrotate Audit Runbook (A9)
|
||
|
|
|
||
|
|
**Purpose:** Ensure high-log VMIDs have logrotate or equivalent so `/var/log` does not grow unbounded.
|
||
|
|
|
||
|
|
## VMIDs to audit
|
||
|
|
|
||
|
|
| VMID | Role | Log locations |
|
||
|
|
|------|------|----------------|
|
||
|
|
| 10130, 10150, 10151 | App / DBIS | /var/log, app logs |
|
||
|
|
| 5000 | Blockscout | /var/log, Postgres, indexer |
|
||
|
|
| 10233, 10234 | NPMplus | /var/log, nginx, Docker |
|
||
|
|
| 2400 | Nginx + app | /var/log, Vert.x |
|
||
|
|
|
||
|
|
## How to audit
|
||
|
|
|
||
|
|
From a host with SSH to Proxmox:
|
||
|
|
|
||
|
|
```bash
|
||
|
|
pct exec 5000 -- ls -la /etc/logrotate.d/
|
||
|
|
pct exec 5000 -- du -sh /var/log/* 2>/dev/null | sort -hr
|
||
|
|
```
|
||
|
|
|
||
|
|
## Add logrotate where missing
|
||
|
|
|
||
|
|
Example `/etc/logrotate.d/app` inside CT:
|
||
|
|
|
||
|
|
```
|
||
|
|
/var/log/app/*.log {
|
||
|
|
daily
|
||
|
|
rotate 7
|
||
|
|
compress
|
||
|
|
delaycompress
|
||
|
|
missingok
|
||
|
|
notifempty
|
||
|
|
}
|
||
|
|
```
|
||
|
|
|
||
|
|
Verify: `pct exec <vmid> -- logrotate -d /etc/logrotate.d/yourconfig`
|
||
|
|
|
||
|
|
See **STORAGE_GROWTH_AND_HEALTH.md** and **OPERATIONAL_RUNBOOKS.md**.
|