diff --git a/core/admin/Dockerfile b/core/admin/Dockerfile index e6d70e61..32f8dc76 100644 --- a/core/admin/Dockerfile +++ b/core/admin/Dockerfile @@ -23,7 +23,7 @@ RUN set -euxo pipefail \ RUN echo $VERSION >/version #EXPOSE 80/tcp -HEALTHCHECK CMD curl -skfLo /dev/null http://localhost/sso/login?next=ui.index +HEALTHCHECK CMD curl -skfLo /dev/null http://localhost/ping VOLUME ["/data","/dkim"] diff --git a/core/admin/mailu/__init__.py b/core/admin/mailu/__init__.py index e29eff91..e1347eac 100644 --- a/core/admin/mailu/__init__.py +++ b/core/admin/mailu/__init__.py @@ -5,9 +5,24 @@ import flask import flask_bootstrap from mailu import utils, debug, models, manage, configuration +from gunicorn import glogging +import logging import hmac +class NoPingFilter(logging.Filter): + def filter(self, record): + if not (record.args['{host}i'] == 'localhost' and record.args['r'] == 'GET /ping HTTP/1.1'): + return True + +class Logger(glogging.Logger): + def setup(self, cfg): + super().setup(cfg) + + # Add filters to Gunicorn logger + logger = logging.getLogger("gunicorn.access") + logger.addFilter(NoPingFilter()) + def create_app_from_config(config): """ Create a new application based on the given configuration """ @@ -69,6 +84,10 @@ def create_app_from_config(config): def format_datetime(value): return utils.flask_babel.format_datetime(value) if value else '' + def ping(): + return '' + app.route('/ping')(ping) + # Import views from mailu import ui, internal, sso, api app.register_blueprint(ui.ui, url_prefix=app.config['WEB_ADMIN']) diff --git a/core/admin/start.py b/core/admin/start.py index 9b1ef530..0d7f2110 100755 --- a/core/admin/start.py +++ b/core/admin/start.py @@ -52,12 +52,15 @@ def test_DNS(): test_DNS() -start_command="".join([ - "gunicorn --threads ", str(os.cpu_count()), - " -b :80 ", - "--access-logfile - " if (log.root.level<=log.INFO) else "", - "--error-logfile - ", - "--preload ", +start_command=" ".join([ + "gunicorn", + f"--threads {str(os.cpu_count())}", + "-b :80", + "--logger-class mailu.Logger", + "--worker-tmp-dir /dev/shm", + "--access-logfile -" if (log.root.level<=log.INFO) else "", + "--error-logfile -", + "--preload", "'mailu:create_app()'"]) os.system(start_command) diff --git a/core/dovecot/Dockerfile b/core/dovecot/Dockerfile index 0796e587..d2260c98 100644 --- a/core/dovecot/Dockerfile +++ b/core/dovecot/Dockerfile @@ -16,7 +16,7 @@ COPY start.py / RUN echo $VERSION >/version EXPOSE 110/tcp 143/tcp 993/tcp 4190/tcp 2525/tcp -HEALTHCHECK --start-period=350s CMD echo QUIT|nc localhost 110|grep "Dovecot ready." +HEALTHCHECK CMD echo PING|nc -w2 localhost 5001|grep "PONG" VOLUME ["/mail"] diff --git a/core/dovecot/conf/dovecot.conf b/core/dovecot/conf/dovecot.conf index c60f7491..f501a5f9 100644 --- a/core/dovecot/conf/dovecot.conf +++ b/core/dovecot/conf/dovecot.conf @@ -95,6 +95,13 @@ service auth-worker { } } +service health-check { + executable = script -p health-check.sh + inet_listener health-check { + port = 5001 + } +} + ############### # IMAP & POP ############### diff --git a/core/postfix/conf/rsyslog.conf b/core/postfix/conf/rsyslog.conf index 6423eb4d..2cda8fb5 100644 --- a/core/postfix/conf/rsyslog.conf +++ b/core/postfix/conf/rsyslog.conf @@ -1,41 +1,43 @@ -# rsyslog configuration file -# -# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html -# or latest version online at http://www.rsyslog.com/doc/rsyslog_conf.html -# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html - - -#### Global directives #### - -# Sets the directory that rsyslog uses for work files. -$WorkDirectory /var/lib/rsyslog - -# Sets default permissions for all log files. -$FileOwner root -$FileGroup adm -$FileCreateMode 0640 -$DirCreateMode 0755 -$Umask 0022 - -# Reduce repeating messages (default off). -$RepeatedMsgReduction on - - -#### Modules #### - -# Provides support for local system logging (e.g. via logger command). -module(load="imuxsock") - -#### Rules #### - -# Discard messages from local test requests -:msg, contains, "connect from localhost[127.0.0.1]" ~ -:msg, contains, "connect from localhost[::1]" ~ - -{% if POSTFIX_LOG_FILE %} -# Log mail logs to file -mail.* -{{POSTFIX_LOG_FILE}} -{% endif %} - -# Log mail logs to stdout -mail.* -/dev/stdout +# rsyslog configuration file +# +# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html +# or latest version online at http://www.rsyslog.com/doc/rsyslog_conf.html +# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html + + +#### Global directives #### + +# Sets the directory that rsyslog uses for work files. +$WorkDirectory /var/lib/rsyslog + +# Sets default permissions for all log files. +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# Reduce repeating messages (default off). +$RepeatedMsgReduction on + + +#### Modules #### + +# Provides support for local system logging (e.g. via logger command). +module(load="imuxsock") + +#### Rules #### + +# Discard messages from local test requests +:msg, contains, "connect from localhost[127.0.0.1]" ~ +:msg, contains, "connect from localhost[::1]" ~ +:msg, contains, "haproxy read: short protocol header: QUIT" ~ +:msg, contains, "discarding EHLO keywords: PIPELINING" ~ + +{% if POSTFIX_LOG_FILE %} +# Log mail logs to file +mail.* -{{POSTFIX_LOG_FILE}} +{% endif %} + +# Log mail logs to stdout +mail.* -/dev/stdout diff --git a/towncrier/newsfragments/2606.misc b/towncrier/newsfragments/2606.misc new file mode 100644 index 00000000..a4333c8e --- /dev/null +++ b/towncrier/newsfragments/2606.misc @@ -0,0 +1 @@ +Modify the healtchecks to make them disapear from the logs.