nginx配置logrotate的坑s

最近需要用到利用nginx服务来接收日志并用logrotate服务来删除和备份nginx产生的日志,有不少坑,下面详细介绍下。

  • 用户权限问题

能拿到root权限,尽量用root来配置和操作,实在不行的话配置下sudo权限

  • nginx配置

正确指定好路径安装好后,配置一般来说与网上给出的例子差别不大,具体与你要实现的功能有关。下面是我的例子


#user  nobody;
worker_processes  auto;

pid        /home/www-data/usr/run/nginx.pid;
include /home/www-data/usr/conf/.*conf;

events {
    worker_connections  1024;
}

http {
    
    include /home/www-data/usr/conf/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                                        '"$status" $body_bytes_sent "$http_referer" '
                                        '"$http_user_agent" "$http_x_forwarded_for" '
                                        '"$gzip_ratio" $request_time $bytes_sent $request_length '
                                        '$request_body ';

    sendfile        on;
    tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;
    types_hash_max_size 2048;

    access_log  /srv/data0/nginx/access.log  main;
    error_log /srv/data0/nginx/error.log;

    gzip  on;
    gzip_disable "msie6";

    server {
        listen 8080 default_server;
	listen [::]:8080 default_server;
        server_name  dataai.hz.netease.com 127.0.0.1;

	root /var/www/html;
	# Add index.php to the list if you are using PHP
	index index.html index.htm index.nginx-debian.html;

        #charset koi8-r;

        location /game/events {
            #root   html;
            #index  index.html index.htm;
            echo_read_request_body;
        }
	
	location /foo {
            set $test 0;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        #error_page   500 502 503 504  /50x.html;
        #location = /50x.html {
            #root   html;
        #}

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }

}

具体配置细节可以百度,有些额外的功能比如我的echo_read_request_body功能是nginx额外的模块,需要下载代码安装命令参考:

./configure --add-module=${rootPath}s_2_s_deploy/echo-nginx-module-master --prefix=${rootPath}/usr && make -j8 && make install

配置完,运行一般没啥坑。

 

  • logrotate配置

 一般来说,logrotate是linux自带的服务,配置的话是根据不同日志服务单独有一个配置文件,一般是在/etc/logrotate.d,下面是我的配置:

#include /etc/logrotate.d

/srv/data0/nginx/*.log {

	daily
	missingok
	rotate 16
	dateext
	dateformat %Y%m%d%s
	compress
	delaycompress
	notifempty
	create 0644 www-data root
	sharedscripts
	prerotate
		if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
			run-parts /etc/logrotate.d/httpd-prerotate; \
		fi \
	endscript
	postrotate
		sudo service nginx rotate >/dev/null 2>&1
	endscript
}

注意结尾的

postrotate
        sudo service nginx rotate >/dev/null 2>&1
endscript

很多文章里面 都有这一句(没有sudo),也不说是为什么,其实这是在所有日志备份完成后发信号告诉nginx让他写新的access.log。要完成这个功能就需要在系统(centos)的/etc/init.d/目录下有对应的nginx脚本,入参是rotate。坑来了,很多时候安装之后根本没有在/etc/init.d/目录下放置这个脚本,所以就会导致nginx一直在写同一个文件。那我们就需要自己写一个类似的脚本即可。给出我的脚本:

#!/bin/bash
# nginx  This shell script takes care of nginx

STARTCMD=/home/www-data/usr/sbin/nginx
config_file=/home/www-data/usr/conf/nginx.conf

rotate () {
    if [ ! -f /home/www-data/usr/run/nginx.pid ]; then
	${STARTCMD} -c ${config_file}
    else
	 kill -USR1 `cat /home/www-data/usr/run/nginx.pid`
    fi
}

case "$1" in
    rotate)
        rotate
        ;;
    *)
        N=/etc/init.d/nginx
        echo "Usage: $N {rotate}"
        exit 0
        ;;
esac

exit 0

nginx支持多个信号(具体官网上有),我们就需要发送USR1信号nginx,让他写新的access.log即可

  • crontab配置

0 */3 * * * /usr/sbin/logrotate -s /home/www-data/logrotate_config/logrotate.status -f /home/www-data/logrotate_config > /dev/null 2>&1

-s指定状态文件

-f指定配置文件

你可能感兴趣的:(nginx配置logrotate的坑s)