software/re6stnet: improve logging and correctly revoke cert

Save HTTP requests to the registry and token manager logs in dedicated log files and correctly logrotate them. Also use a newer version of slapos.cookbook to properly revoke re6st certificate when the slapos shared instance is destroyed. Co-authored-by: Thomas Gambier <thomas.gambier@nexedi.com>

software/re6stnet: improve logging and correctly revoke cert
Save HTTP requests to the registry and token manager logs in dedicated log files and correctly logrotate them. Also use a newer version of slapos.cookbook to properly revoke re6st certificate when the slapos shared instance is destroyed. Co-authored-by: Thomas Gambier <thomas.gambier@nexedi.com>
265e61d4 · Julien Muchembled · Thomas Gambier · 7f337789 · 265e61d4 · 265e61d4
Commit 265e61d4 authored Feb 04, 2025 by Julien Muchembled Committed by Thomas Gambier Feb 19, 2025
Showing with 10 additions and 3 deletions

software/re6stnet/buildout.hash.cfg software/re6stnet/buildout.hash.cfg +1 -1

software/re6stnet/instance-re6stnet.cfg.in software/re6stnet/instance-re6stnet.cfg.in +8 -1

stack/slapos.cfg stack/slapos.cfg +1 -1

No files found.
--- a/software/re6stnet/buildout.hash.cfg
+++ b/software/re6stnet/buildout.hash.cfg
@@ -18,7 +18,7 @@ md5sum = 57ddaa585f4755f8e8d1613e5321eefc

 [template-re6stnet]
 filename = instance-re6stnet.cfg.in
-md5sum = afa3bc5d61b46b244cac6f5e5f8c9441
+md5sum = e0a0cc07d51a5b899f2ca9e4d244e2a6

 [template-apache-conf]
 filename = apache.conf.in

--- a/software/re6stnet/instance-re6stnet.cfg.in
+++ b/software/re6stnet/instance-re6stnet.cfg.in
@@ -108,6 +108,10 @@ wrapper-path = ${directory:services}/re6st-registry
 pidfile = ${directory:run}/registry.pid
 command-line = {{ bin_directory }}/re6st-registry @${re6st-registry-conf:output}
 hash-files = ${re6st-registry-conf:output}
+redirect-signal = USR1
+# HTTP requests are logged to stderr
+redirect-stdout = ${re6stnet-dirs:log}/access.log
+redirect-stderr = ${:redirect-stdout}

 [cron-entry-re6st-backup]
 recipe = slapos.cookbook:cron.d
@@ -143,6 +147,9 @@ environment =
 recipe = slapos.cookbook:wrapper
 wrapper-path = ${directory:script}/re6st-token-manager
 command-line = "{{ python_bin }}" ${re6st-registry:manager-wrapper}
+redirect-signal = USR1
+redirect-stdout = ${re6stnet-dirs:log}/token-manager.log
+redirect-stderr = ${:redirect-stdout}

 [cron-entry-re6st-manage]
 recipe = slapos.cookbook:cron.d
@@ -154,7 +161,7 @@ command = {{ python_bin }} ${re6st-registry:manager-wrapper}
 [logrotate-entry-re6stnet]
 < = logrotate-entry-base
 name = re6stnet
-log = ${re6st-registry-conf-dict:logfile}
+log = ${re6st-registry-conf-dict:logfile} ${re6st-registry-wrapper:redirect-stdout} ${re6stnet-manage:redirect-stdout}
 post = [ ! -s ${re6st-registry-wrapper:pidfile} ] || {{ bin_directory }}/slapos-kill --pidfile ${re6st-registry-wrapper:pidfile} -s USR1

 [port-redirection]

--- a/stack/slapos.cfg
+++ b/stack/slapos.cfg
@@ -360,7 +360,7 @@ sgmllib3k = 1.0.0
 simplegeneric = 0.8.1
 singledispatch = 3.4.0.3
 six = 1.16.0
-slapos.cookbook = 1.0.386
+slapos.cookbook = 1.0.397
 slapos.core = 1.15.0
 slapos.extension.shared = 1.0
 slapos.libnetworkcache = 0.25