From 6f884c6c93e614210569aa2b26aa7879e7f096b2 Mon Sep 17 00:00:00 2001 From: Pim van den Berg Date: Wed, 15 Jun 2022 14:30:26 +0200 Subject: [PATCH] roundcube: disable access log As per discussion in #2360: The front container (nginx reverse proxy) is already logging all requests, disable the access logs for apache2 in the roundcube container completely. --- towncrier/newsfragments/2360.bugfix | 1 - webmails/roundcube/Dockerfile | 6 ++---- webmails/roundcube/remoteip.conf | 2 -- webmails/roundcube/start.py | 5 ++--- 4 files changed, 4 insertions(+), 10 deletions(-) delete mode 100644 towncrier/newsfragments/2360.bugfix delete mode 100644 webmails/roundcube/remoteip.conf diff --git a/towncrier/newsfragments/2360.bugfix b/towncrier/newsfragments/2360.bugfix deleted file mode 100644 index 41720908..00000000 --- a/towncrier/newsfragments/2360.bugfix +++ /dev/null @@ -1 +0,0 @@ -roundcube: log actual client ip by using apache2 remoteip diff --git a/webmails/roundcube/Dockerfile b/webmails/roundcube/Dockerfile index 916cd0e5..04d92d3a 100644 --- a/webmails/roundcube/Dockerfile +++ b/webmails/roundcube/Dockerfile @@ -21,8 +21,7 @@ RUN set -eu \ && pip3 install socrate \ && echo date.timezone=UTC > /usr/local/etc/php/conf.d/timezone.ini \ && echo "ServerSignature Off\nServerName roundcube" >> /etc/apache2/apache2.conf \ - && sed -i 's,LogFormat "%h \(.*\) combined,Logformat "%a \1 combined,' /etc/apache2/apache2.conf \ - && sed -i 's,CustomLog.*combined$,\0 "'"expr=!(%{HTTP_USER_AGENT}=='health'\&\&(-R '127.0.0.1/8' || -R '::1'))"'",' /etc/apache2/sites-available/000-default.conf \ + && sed -i '/CustomLog.*combined$/d' /etc/apache2/sites-available/000-default.conf \ \ && mark="$(apt-mark showmanual)" \ && apt install -y --no-install-recommends \ @@ -57,7 +56,7 @@ RUN set -eu \ && chown -R root:root . \ && chown www-data:www-data logs temp \ && chmod -R a+rX . \ - && a2enmod rewrite deflate expires headers remoteip \ + && a2enmod rewrite deflate expires headers \ && echo date.timezone=${TZ} > /usr/local/etc/php/conf.d/timezone.ini \ && rm -rf plugins/{autologon,example_addressbook,http_authentication,krb_authentication,new_user_identity,password,redundant_attachments,squirrelmail_usercopy,userinfo,virtuser_file,virtuser_query} @@ -66,7 +65,6 @@ RUN set -eu \ COPY mailu.php /var/www/html/plugins/mailu/mailu.php COPY php.ini / COPY config.inc.php / -COPY remoteip.conf / COPY start.py / COPY config.inc.carddav.php /var/www/html/plugins/carddav/config.inc.php diff --git a/webmails/roundcube/remoteip.conf b/webmails/roundcube/remoteip.conf deleted file mode 100644 index 52895749..00000000 --- a/webmails/roundcube/remoteip.conf +++ /dev/null @@ -1,2 +0,0 @@ -RemoteIPHeader X-Forwarded-For -RemoteIPTrustedProxy {{ FRONT_ADDRESS }} diff --git a/webmails/roundcube/start.py b/webmails/roundcube/start.py index 18196979..bea31f4b 100755 --- a/webmails/roundcube/start.py +++ b/webmails/roundcube/start.py @@ -72,9 +72,8 @@ conf.jinja("/config.inc.php", context, "/var/www/html/config/config.inc.php") # create dirs os.system("mkdir -p /data/gpg") -# configure apache2 -conf.jinja("/remoteip.conf", context, "/etc/apache2/conf-available/remoteip.conf") -os.system("a2enconf remoteip") +# disable access log for VirtualHosts that don't define their own logfile +os.system("a2disconf other-vhosts-access-log") print("Initializing database") try: