Logrotate Apache2 vhosts logs

Hi all,

I'm having a hard time to figure this out. :(

I have 3 apache virtual hosts running on my Linode VPS. I want to rotate them every week (similar to what happens to original apache logs).

I went to /etc/logrotate.d/apache2 (the original file) and edited it:

/var/log/apache2/*.log {
    olddir /var/log/oldlogs/apache2
    weekly
    missingok
    rotate 8
    compress
    delaycompress
    notifempty
    create 640 root adm
    sharedscripts
    postrotate
        if [ -f "`. /etc/apache2/envvars ; echo ${APACHE_PID_FILE:-/var/run/apache2.pid}`" ]; then
            /etc/init.d/apache2 reload > /dev/null
        fi
    endscript
}

# virtual hosts
/home/ngm/www/*/log/*.log {
    olddir old
    weekly
    missingok
    rotate 5200
    compress
    delaycompress
    notifempty
    create 644 root root
    sharedscripts
    postrotate
        if [ -f "`. /etc/apache2/envvars ; echo ${APACHE_PID_FILE:-/var/run/apache2.pid}`" ]; then
            /etc/init.d/apache2 reload > /dev/null
        fi
    endscript
}

This first configuration is the original one, it's working ok. I wrote the second (virtual hosts) for my vhosts based on the first one.

My vhosts logs are rotating fine but apache keeps writing on the old files.

Any suggestion?

Thank you so much.

3 Replies

I post this as a total logrotate noob who just coincidentally happened to configure my own vhosts logrotate block yesterday. A few points to consider:

1. Does the "old" dir in each vhost's "logs" dir already exist? You might have to create it first.

2. A weekly logrotate probably won't run until the second week; the first time it seems to just note that it's looked at that dir, then the next time it runs it'll actually do the rotation.

3. You might want to specify the error.log and access.log files separately in your logrotate block:

/home/ngm/www//log/access.log /home/ngm/www//log/error.log {

Otherwise, I think logrotate might treat them all as one batch, whereas you probably want it to keep so many old access logs, and so many old error logs.

4. Did you really mean "rotate 5200"? My understanding was that this means to keep 5,200 logs in total (5,199 old logs, plus the current one). That seems like a lot. For a weekly log, that's a century worth!

My vhost config (it's a daily rather than weekly) is pretty much identical to yours, except I don't use an olddir and I keep just 7 logs of each type in total. It seems to work fine, judging by the files and their modification dates.

You can do logrotate -d path/to/conf/file to make logrotate run in debug mode, which doesn't actually do any rotation or change its internal state, but spits out some diagnostic info.

I Matt, thank you for your answer.

Bellow I add some notes:

@Matt Gemmell:

I post this as a total logrotate noob who just coincidentally happened to configure my own vhosts logrotate block yesterday. A few points to consider:

1. Does the "old" dir in each vhost's "logs" dir already exist? You might have to create it first.

Yes, it's true. And I took care of it. Logs are rotating correctly (moving to old log, and creating new log file).

> 2. A weekly logrotate probably won't run until the second week; the first time it seems to just note that it's looked at that dir, then the next time it runs it'll actually do the rotation.

Also true, but I set up my system 3 weeks ago. Two rotations already took place. Files are rotated, Apache2 keeps writing in the old ones: access.log.1 and error.log.1

> 3. You might want to specify the error.log and access.log files separately in your logrotate block:

/home/ngm/www//log/access.log /home/ngm/www//log/error.log {

Otherwise, I think logrotate might treat them all as one batch, whereas you probably want it to keep so many old access logs, and so many old error logs.

No, it treats files separatelly. For instance, the apache2 log configuration: /var/log/apache2/*.log { it rotates two files for two files with just one path.

> 4. Did you really mean "rotate 5200"? My understanding was that this means to keep 5,200 logs in total (5,199 old logs, plus the current one). That seems like a lot. For a weekly log, that's a century worth!

Yes, I really meant 5200… it's about 100 years of logs. I wasn't using any analytics software so I wanted to keep all records for futures statistics (num visitors,…) processing. Now I'm using Google Analytics so I'll give up on that.

> My vhost config (it's a daily rather than weekly) is pretty much identical to yours, except I don't use an olddir and I keep just 7 logs of each type in total. It seems to work fine, judging by the files and their modification dates.

You can do logrotate -d path/to/conf/file to make logrotate run in debug mode, which doesn't actually do any rotation or change its internal state, but spits out some diagnostic info.

As I stated, my problem is not in rotation but afterwards. Apache2 keeps writing to the old files. I fix the problem by restarting Apache2 manually.

I don't know what can be wrong.

Look into the postrotate script:

      if [ -f "`. /etc/apache2/envvars ; echo ${APACHE_PID_FILE:-/var/run/apache2.pid}`" ]; then
         /etc/init.d/apache2 reload > /dev/null
      fi

If the command /etc/init.d/apache2 reload works fine by itself, then there's probably some problem with Apache not writing a pid file or writing it someplace it's not expected.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct