gateway: Add logrotate functionality

Signed-off-by: David Galloway <dgallowa@redhat.com>

diff --git a/roles/gateway/README.rst b/roles/gateway/README.rst
index c335c40946dcd0f7844123dfddc7e8dd6c54d754..565cae3666c30d2d6ad71641bdc137cf4550abed 100644 (file)
--- a/roles/gateway/README.rst
+++ b/roles/gateway/README.rst
@@ -152,6 +152,5 @@ To Do
 
 - Support installation of new OpenVPN gateway from scratch
 - Generate and pull (to secrets?) CA, keys, and certificates
-- Configure log rotation
 
 .. _Sepia: https://ceph.github.io/sepia/

diff --git a/roles/gateway/files/openvpn.logrotate b/roles/gateway/files/openvpn.logrotate
new file mode 100644 (file)
index 0000000..e629e09
--- /dev/null
+++ b/roles/gateway/files/openvpn.logrotate
@@ -0,0 +1,9 @@
+/var/log/openvpn.log {
+       daily
+       size 100M
+       rotate 14
+       compress
+       missingok
+       copytruncate
+       create 644 nobody nobody
+}

diff --git a/roles/gateway/tasks/main.yml b/roles/gateway/tasks/main.yml
index 9629f6dde8e1bd664abd7251719719710e6c5ddc..f1f68619cba2c9a7bace1f2998286c446ed0208f 100644 (file)
--- a/roles/gateway/tasks/main.yml
+++ b/roles/gateway/tasks/main.yml
@@ -49,3 +49,8 @@
     name: "openvpn@{{ openvpn_server_name }}"
     state: started
     enabled: yes
+
+- name: Write logrotate conf file
+  copy:
+    src: files/openvpn.logrotate
+    dest: /etc/logrotate.d/openvpn