diff --git a/docker/ELK/compose.yml b/docker/ELK/compose.yml new file mode 100644 index 0000000..16ab019 --- /dev/null +++ b/docker/ELK/compose.yml @@ -0,0 +1,4 @@ +include: + - ./logstash/compose.yml + # - ./kibana/compose.yml + # - ./elasticsearch/compose.yml diff --git a/docker/ELK/elasticsearch/Dockerfile b/docker/ELK/elasticsearch/Dockerfile new file mode 100644 index 0000000..d5cee85 --- /dev/null +++ b/docker/ELK/elasticsearch/Dockerfile @@ -0,0 +1,3 @@ +FROM docker.elastic.co/elasticsearch/elasticsearch-wolfi:9.0.3 + +COPY --chown=elasticsearch:elasticsearch elasticsearch.yml /usr/share/elasticsearch/config/ diff --git a/docker/ELK/elasticsearch/compose.yml b/docker/ELK/elasticsearch/compose.yml new file mode 100644 index 0000000..6341ac2 --- /dev/null +++ b/docker/ELK/elasticsearch/compose.yml @@ -0,0 +1,10 @@ +services: + elasticsearch: + container_name: transcendence-elasticsearch + build: + dockerfile: Dockerfile + context: . + environment: + - LOG_LEVEL=info + - ELASTIC_PASSWORD=${ELASTIC_PASSWORD} + mem_limit: 1gb diff --git a/docker/ELK/elasticsearch/elasticsearch.yml b/docker/ELK/elasticsearch/elasticsearch.yml new file mode 100644 index 0000000..e69de29 diff --git a/docker/ELK/kibana/Dockerfile b/docker/ELK/kibana/Dockerfile new file mode 100644 index 0000000..78fcc00 --- /dev/null +++ b/docker/ELK/kibana/Dockerfile @@ -0,0 +1 @@ +FROM kibana:9.0.3 diff --git a/docker/ELK/kibana/compose.yml b/docker/ELK/kibana/compose.yml new file mode 100644 index 0000000..e69de29 diff --git a/docker/ELK/logstash/Dockerfile b/docker/ELK/logstash/Dockerfile new file mode 100644 index 0000000..03cb881 --- /dev/null +++ b/docker/ELK/logstash/Dockerfile @@ -0,0 +1,6 @@ +FROM docker.elastic.co/logstash/logstash-wolfi:9.0.3 + +RUN rm -f /usr/share/logstash/pipeline/logstash.conf + +COPY --chmod=777 pipeline/ /usr/share/logstash/pipeline/ +COPY --chmod=777 config/ /usr/share/logstash/config/ diff --git a/docker/ELK/logstash/compose.yml b/docker/ELK/logstash/compose.yml new file mode 100644 index 0000000..700e695 --- /dev/null +++ b/docker/ELK/logstash/compose.yml @@ -0,0 +1,14 @@ +services: + logstash: + container_name: transcendence-logstash + build: + dockerfile: Dockerfile + context: . + volumes: + - log-user:/var/log/user-api + - log-auth:/var/log/auth-api + - log-nginx:/var/log/nginx + environment: + - LOG_LEVEL=info + networks: + - elk diff --git a/docker/ELK/logstash/config/logstash.yml b/docker/ELK/logstash/config/logstash.yml new file mode 100644 index 0000000..b9838aa --- /dev/null +++ b/docker/ELK/logstash/config/logstash.yml @@ -0,0 +1,2 @@ +api: + environment: production diff --git a/docker/ELK/logstash/pipeline/logstash.conf b/docker/ELK/logstash/pipeline/logstash.conf new file mode 100644 index 0000000..1a53ae5 --- /dev/null +++ b/docker/ELK/logstash/pipeline/logstash.conf @@ -0,0 +1,27 @@ +input { + file { + path => "/var/log/user-api/log.log" + start_position => "beginning" + tags => [ "api", "user" ] + } + file { + path => "/var/log/auth-api/log.log" + start_position => "beginning" + tags => [ "api", "auth" ] + } + file { + path => "/var/log/nginx/log.log" + start_position => "beginning" + tags => [ "nginx", "front" ] + } + file { + path => "/var/log/nginx/err.log" + start_position => "beginning" + tags => [ "nginx", "front", "error" ] + } +} + +output { + elasticsearch { hosts => ["transcendence-elasticsearch:9200"] } + stdout { codec => rubydebug } +} diff --git a/docker/api-base/Dockerfile b/docker/api-base/Dockerfile index 8513be8..142d056 100644 --- a/docker/api-base/Dockerfile +++ b/docker/api-base/Dockerfile @@ -24,5 +24,7 @@ EXPOSE 3000 RUN mkdir /db STOPSIGNAL SIGINT +ENV LOG_TARGET=/var/log/log.log +RUN touch /var/log/log.log CMD [ "node", "/app/src/start.js" ] diff --git a/docker/api-base/compose.yml b/docker/api-base/compose.yml index 3aa20a8..df8ce09 100644 --- a/docker/api-base/compose.yml +++ b/docker/api-base/compose.yml @@ -6,6 +6,7 @@ services: context: ../../ volumes: - db-user:/db + - log-user:/var/log networks: - front - back @@ -22,6 +23,7 @@ services: context: ../../ volumes: - db-auth:/db + - log-auth:/var/log networks: - front - back diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 8a890f4..9e49825 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -6,3 +6,4 @@ include: - ./monitoring/compose.yml - ./api-base/compose.yml - ./front/compose.yml + - ./ELK/compose.yml diff --git a/docker/front/Dockerfile b/docker/front/Dockerfile index f5e1207..c900cf6 100644 --- a/docker/front/Dockerfile +++ b/docker/front/Dockerfile @@ -25,5 +25,13 @@ COPY --chmod=755 docker/front/entry/ssl-cert.sh /docker-entrypoint.d/ssl-cert.s COPY --from=builder /app/dist /usr/share/nginx/html +USER root +RUN mkdir -p /var/log/front +RUN touch /var/log/front/err.log /var/log/front/log.log +RUN chmod -R 777 /var/log/front +USER nginx + + + EXPOSE 80 443 STOPSIGNAL SIGINT diff --git a/docker/front/compose.yml b/docker/front/compose.yml index c748cff..593bf8b 100644 --- a/docker/front/compose.yml +++ b/docker/front/compose.yml @@ -6,6 +6,8 @@ services: context: ../../ ports: - ${OUT_PORT}:443 + volumes: + - log-nginx:/var/log/front environment: - SERVER_NAME=localhost - TZ=Europe/Paris diff --git a/docker/front/config/default.conf.template b/docker/front/config/default.conf.template index b199b9b..8574aee 100644 --- a/docker/front/config/default.conf.template +++ b/docker/front/config/default.conf.template @@ -1,4 +1,7 @@ server { + error_log /var/log/front/err.log warn; + access_log /var/log/front/log.log; + listen 443 ssl; server_name example.com; # Replace with your domain or handle env vars externally diff --git a/docker/networks.yml b/docker/networks.yml index 9ce0fe6..7e28b60 100644 --- a/docker/networks.yml +++ b/docker/networks.yml @@ -7,3 +7,5 @@ networks: name: transcendence-prom prom-exporter: name: transcendence-prom-exporter + elk: + name: transcendence-elk diff --git a/docker/volumes.yml b/docker/volumes.yml index e67d472..f05e822 100644 --- a/docker/volumes.yml +++ b/docker/volumes.yml @@ -5,3 +5,9 @@ volumes: name: transcendence-api-auth-db db-user: name: transcendence-api-user-db + log-auth: + name: transcendence-api-auth-log + log-user: + name: transcendence-api-user-log + log-nginx: + name: transcendence-front-log diff --git a/src/start.js b/src/start.js index 6111c96..3a0e40a 100644 --- a/src/start.js +++ b/src/start.js @@ -10,7 +10,8 @@ const loggerOption = { translateTime: 'HH:MM:ss', ignore: 'pid,hostname' } - } + }, + file: process.env.LOG_TARGET || "" }; function sigHandle(signal) {