GoAccess: add for caddy logs monitoring

2026-04-29 20:10:08 +03:00
parent 27834c6711
commit 4d92b3bd3e
9 changed files with 215 additions and 0 deletions
@@ -4,6 +4,7 @@

  vars_files:
    - vars/secrets.yml
+    - vars/vars.yml

  vars:
    app_name: "caddyproxy"
@@ -41,6 +42,35 @@
        - "{{ config_dir }}"
        - "{{ caddy_file_dir }}"

+    # Shared HTTP access log directory: caddy writes here, other
+    # containers (goaccess, etc.) mount it read-only. Dir mode 0755
+    # so anyone can list/read; the file mode itself comes from the
+    # `mode 644` option in the Caddyfile log snippet.
+    - name: "Create shared caddy logs directory"
+      ansible.builtin.file:
+        path: "{{ caddy_logs_dir }}"
+        state: "directory"
+        owner: "{{ app_user }}"
+        group: "{{ app_user }}"
+        mode: "0755"
+
+    - name: "Find pre-existing caddy log files"
+      ansible.builtin.find:
+        paths: "{{ caddy_logs_dir }}"
+        file_type: "file"
+      register: caddy_log_files
+
+    # Lumberjack created earlier files with 0600 before we set `mode`
+    # in the Caddyfile; relax them so existing rotated archives stay
+    # readable to consumers.
+    - name: "Relax mode on pre-existing caddy log files"
+      ansible.builtin.file:
+        path: "{{ item.path }}"
+        mode: "0644"
+      loop: "{{ caddy_log_files.files }}"
+      loop_control:
+        label: "{{ item.path }}"
+
    - name: "Copy caddy file"
      ansible.builtin.template:
        src: "./files/{{ app_name }}/Caddyfile.j2"