最近需要用到利用nginx服务来接收日志并用logrotate服务来删除和备份nginx产生的日志,有不少坑,下面详细介绍下。
能拿到root权限,尽量用root来配置和操作,实在不行的话配置下sudo权限
正确指定好路径安装好后,配置一般来说与网上给出的例子差别不大,具体与你要实现的功能有关。下面是我的例子
#user nobody;
worker_processes auto;
pid /home/www-data/usr/run/nginx.pid;
include /home/www-data/usr/conf/.*conf;
events {
worker_connections 1024;
}
http {
include /home/www-data/usr/conf/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'"$gzip_ratio" $request_time $bytes_sent $request_length '
'$request_body ';
sendfile on;
tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
types_hash_max_size 2048;
access_log /srv/data0/nginx/access.log main;
error_log /srv/data0/nginx/error.log;
gzip on;
gzip_disable "msie6";
server {
listen 8080 default_server;
listen [::]:8080 default_server;
server_name dataai.hz.netease.com 127.0.0.1;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
#charset koi8-r;
location /game/events {
#root html;
#index index.html index.htm;
echo_read_request_body;
}
location /foo {
set $test 0;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
#root html;
#}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
}
具体配置细节可以百度,有些额外的功能比如我的echo_read_request_body功能是nginx额外的模块,需要下载代码安装命令参考:
./configure --add-module=${rootPath}s_2_s_deploy/echo-nginx-module-master --prefix=${rootPath}/usr && make -j8 && make install
配置完,运行一般没啥坑。
一般来说,logrotate是linux自带的服务,配置的话是根据不同日志服务单独有一个配置文件,一般是在/etc/logrotate.d,下面是我的配置:
#include /etc/logrotate.d
/srv/data0/nginx/*.log {
daily
missingok
rotate 16
dateext
dateformat %Y%m%d%s
compress
delaycompress
notifempty
create 0644 www-data root
sharedscripts
prerotate
if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
run-parts /etc/logrotate.d/httpd-prerotate; \
fi \
endscript
postrotate
sudo service nginx rotate >/dev/null 2>&1
endscript
}
注意结尾的
postrotate
sudo service nginx rotate >/dev/null 2>&1
endscript
很多文章里面 都有这一句(没有sudo),也不说是为什么,其实这是在所有日志备份完成后发信号告诉nginx让他写新的access.log。要完成这个功能就需要在系统(centos)的/etc/init.d/目录下有对应的nginx脚本,入参是rotate。坑来了,很多时候安装之后根本没有在/etc/init.d/目录下放置这个脚本,所以就会导致nginx一直在写同一个文件。那我们就需要自己写一个类似的脚本即可。给出我的脚本:
#!/bin/bash
# nginx This shell script takes care of nginx
STARTCMD=/home/www-data/usr/sbin/nginx
config_file=/home/www-data/usr/conf/nginx.conf
rotate () {
if [ ! -f /home/www-data/usr/run/nginx.pid ]; then
${STARTCMD} -c ${config_file}
else
kill -USR1 `cat /home/www-data/usr/run/nginx.pid`
fi
}
case "$1" in
rotate)
rotate
;;
*)
N=/etc/init.d/nginx
echo "Usage: $N {rotate}"
exit 0
;;
esac
exit 0
nginx支持多个信号(具体官网上有),我们就需要发送USR1信号nginx,让他写新的access.log即可
0 */3 * * * /usr/sbin/logrotate -s /home/www-data/logrotate_config/logrotate.status -f /home/www-data/logrotate_config > /dev/null 2>&1
-s指定状态文件
-f指定配置文件