prod/infra/logrotate/logrotate_system.conf.j2

# Logrotate configuration for system services
# This file manages log rotation for system services

# Nginx logs
/var/log/nginx/*.log {
    daily
    missingok
    rotate {{ lookup('env', 'LOGROTATE_RETENTION_DAYS') | default('30') }}
    {% if lookup('env', 'LOGROTATE_COMPRESS') | default('true') | lower == 'true' %}compress{% endif %}
    {% if lookup('env', 'LOGROTATE_DELAYCOMPRESS') | default('true') | lower == 'true' %}delaycompress{% endif %}
    notifempty
    create 0644 www-data adm
    sharedscripts
    postrotate
        if [ -f /var/run/nginx.pid ]; then
            kill -USR1 `cat /var/run/nginx.pid`
        fi
    endscript
}

# System logs
/var/log/syslog {
    daily
    missingok
    rotate 7
    compress
    delaycompress
    notifempty
    create 0644 syslog adm
    postrotate
        /usr/lib/rsyslog/rsyslog-rotate
    endscript
}

/var/log/mail.info
/var/log/mail.warn
/var/log/mail.err
/var/log/mail.log
/var/log/daemon.log
/var/log/kern.log
/var/log/auth.log
/var/log/user.log
/var/log/lpr.log
/var/log/cron.log
/var/log/debug
/var/log/messages {
    daily
    missingok
    rotate 7
    compress
    delaycompress
    notifempty
    create 0644 syslog adm
    sharedscripts
    postrotate
        /usr/lib/rsyslog/rsyslog-rotate
    endscript
}

# Fail2ban logs
/var/log/fail2ban.log {
    daily
    missingok
    rotate 7
    compress
    delaycompress
    notifempty
    create 0644 root root
    postrotate
        systemctl reload fail2ban
    endscript
}

# Docker daemon logs
/var/log/docker.log {
    daily
    missingok
    rotate 7
    compress
    delaycompress
    notifempty
    create 0644 root root
    postrotate
        systemctl reload docker
    endscript
}

# Prometheus node exporter logs
/var/log/prometheus-node-exporter.log {
    daily
    missingok
    rotate 7
    compress
    delaycompress
    notifempty
    create 0644 prometheus prometheus
    postrotate
        systemctl reload prometheus-node-exporter
    endscript
}