Add log config and removed domain (#2194)

removed domainname for coturn service as it is needed only for SSL configs Added log configuration for each service with a rotation and max size ensure ZITADEL_DATABASE=postgres works
2024-11-25 01:23:22 +01:00 · 2024-06-25 13:54:09 +02:00 · 2024-06-25 13:54:09 +02:00 · 43a8ba97e3
commit 43a8ba97e3
parent 17874771cc
2 changed files with 69 additions and 18 deletions
--- a/infrastructure_files/docker-compose.yml.tmpl
+++ b/infrastructure_files/docker-compose.yml.tmpl
@ -28,7 +28,11 @@ services:
      - LETSENCRYPT_EMAIL=$NETBIRD_LETSENCRYPT_EMAIL
    volumes:
      - $LETSENCRYPT_VOLUMENAME:/etc/letsencrypt/
-
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"
  # Signal
  signal:
    image: netbirdio/signal:$NETBIRD_SIGNAL_TAG
@ -40,6 +44,11 @@ services:
  #      # port and command for Let's Encrypt validation
  #      - 443:443
  #    command: ["--letsencrypt-domain", "$NETBIRD_LETSENCRYPT_DOMAIN", "--log-file", "console"]
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"

  # Management
  management:
@ -63,12 +72,16 @@ services:
      "--single-account-mode-domain=$NETBIRD_MGMT_SINGLE_ACCOUNT_MODE_DOMAIN",
      "--dns-domain=$NETBIRD_MGMT_DNS_DOMAIN"
      ]
-
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"
  # Coturn
  coturn:
    image: coturn/coturn:$COTURN_TAG
    restart: unless-stopped
-    domainname: $TURN_DOMAIN
+    #domainname: $TURN_DOMAIN # only needed when TLS is enabled
    volumes:
      - ./turnserver.conf:/etc/turnserver.conf:ro
    #      - ./privkey.pem:/etc/coturn/private/privkey.pem:ro
@ -76,7 +89,11 @@ services:
    network_mode: host
    command:
      - -c /etc/turnserver.conf
-
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"
 volumes:
  $MGMT_VOLUMENAME:
  $SIGNAL_VOLUMENAME:
--- a/infrastructure_files/getting-started-with-zitadel.sh
+++ b/infrastructure_files/getting-started-with-zitadel.sh
@ -463,18 +463,18 @@ initEnvironment() {
    exit 1
  fi

-  if [[ $ZITADEL_DATABASE == "" ]]; then
-    echo "Use Postgres as default Zitadel database."
-    echo "For using CockroachDB please the environment variable 'export ZITADEL_DATABASE=cockroach'."
-    POSTGRES_ROOT_PASSWORD="$(openssl rand -base64 32 | sed 's/=//g')@"
-    POSTGRES_ZITADEL_PASSWORD="$(openssl rand -base64 32 | sed 's/=//g')@"
-    ZDB=$(renderDockerComposePostgres)
-    ZITADEL_DB_ENV=$(renderZitadelPostgresEnv)
-    renderPostgresEnv > zdb.env
-  elif [[ $ZITADEL_DATABASE == "cockroach" ]]; then
-    echo "Use CockroachDB as Zitadel database."
-    ZDB=$(renderDockerComposeCockroachDB)
-    ZITADEL_DB_ENV=$(renderZitadelCockroachDBEnv)
+  if [[ $ZITADEL_DATABASE == "cockroach" ]]; then
+        echo "Use CockroachDB as Zitadel database."
+        ZDB=$(renderDockerComposeCockroachDB)
+        ZITADEL_DB_ENV=$(renderZitadelCockroachDBEnv)
+  else
+      echo "Use Postgres as default Zitadel database."
+      echo "For using CockroachDB please the environment variable 'export ZITADEL_DATABASE=cockroach'."
+      POSTGRES_ROOT_PASSWORD="$(openssl rand -base64 32 | sed 's/=//g')@"
+      POSTGRES_ZITADEL_PASSWORD="$(openssl rand -base64 32 | sed 's/=//g')@"
+      ZDB=$(renderDockerComposePostgres)
+      ZITADEL_DB_ENV=$(renderZitadelPostgresEnv)
+      renderPostgresEnv > zdb.env
  fi

  echo Rendering initial files...
@ -767,11 +767,21 @@ services:
    networks: [netbird]
    env_file:
      - ./dashboard.env
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"
  # Signal
  signal:
    image: netbirdio/signal:latest
    restart: unless-stopped
    networks: [netbird]
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"
  # Management
  management:
    image: netbirdio/management:latest
@ -789,16 +799,26 @@ services:
      "--dns-domain=netbird.selfhosted",
      "--idp-sign-key-refresh-enabled",
    ]
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"
  # Coturn, AKA relay server
  coturn:
    image: coturn/coturn
    restart: unless-stopped
-    domainname: netbird.relay.selfhosted
+    #domainname: netbird.relay.selfhosted
    volumes:
      - ./turnserver.conf:/etc/turnserver.conf:ro
    network_mode: host
    command:
      - -c /etc/turnserver.conf
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"
  # Zitadel - identity provider
  zitadel:
    restart: 'always'
@ -813,6 +833,11 @@ services:
    volumes:
      - ./machinekey:/machinekey
      - netbird_zitadel_certs:/zdb-certs:ro
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"
 $ZDB
  netbird_zdb_data:
  netbird_management:
@ -842,6 +867,11 @@ renderDockerComposeCockroachDB() {
      timeout: '30s'
      retries: 5
      start_period: '20s'
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"

 volumes:
  netbird_zdb_certs:
@ -865,7 +895,11 @@ renderDockerComposePostgres() {
      timeout: 60s
      retries: 10
      start_period: 5s
-
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "500m"
+        max-file: "2"
 volumes:
 EOF
 }