From 5656befeb7d7fa5b11675c1b96d356dba5f2baef Mon Sep 17 00:00:00 2001
From: Christian Boltz <opensuse@cboltz.de>
Date: Jul 19 2017 21:57:22 +0000
Subject: write a separate /var/log/apache2/$wiki-access_log for each wiki


This includes the needed adjustments in the apache config, AppArmor and
also logrotate.

---

diff --git a/salt/profile/wiki/apache.sls b/salt/profile/wiki/apache.sls
index 1b65b8a..8b40a01 100644
--- a/salt/profile/wiki/apache.sls
+++ b/salt/profile/wiki/apache.sls
@@ -26,3 +26,7 @@ apache2_running:
     - repl: APACHE_MODULES="        alias apparmor auth_basic authn_file authz_host authz_groupfile authz_core authz_user               dir env expires include log_config mime negotiation setenvif     socache_shmcb         reqtimeout authn_core php7 rewrite"
     - listen_in:
       - service: apache2
+
+/etc/logrotate.d/apache2-wiki:
+  file.managed:
+    - source: salt://profile/wiki/files/apache2-wiki.logrotate
diff --git a/salt/profile/wiki/files/apache-vhost.conf b/salt/profile/wiki/files/apache-vhost.conf
index 0bd16ef..ebbddcf 100644
--- a/salt/profile/wiki/files/apache-vhost.conf
+++ b/salt/profile/wiki/files/apache-vhost.conf
@@ -29,7 +29,7 @@
     php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f noreply+{{ wiki }}-wiki@opensuse.org"
 
     LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{X-Forwarded-For}i\"" combinedproxy
-    CustomLog "/var/log/apache2/access_log" combinedproxy
+    CustomLog "/var/log/apache2/{{ wiki }}-access_log" combinedproxy
 
 </VirtualHost>
 
diff --git a/salt/profile/wiki/files/apache2-wiki.logrotate b/salt/profile/wiki/files/apache2-wiki.logrotate
new file mode 100644
index 0000000..0f95953
--- /dev/null
+++ b/salt/profile/wiki/files/apache2-wiki.logrotate
@@ -0,0 +1,15 @@
+/var/log/apache2/*-access_log {
+    compress
+    dateext
+    maxage 365
+    rotate 99
+    size=+4096k
+    notifempty
+    missingok
+    create 644 root root
+    sharedscripts
+    postrotate
+     systemctl reload apache2.service
+     sleep 60
+    endscript
+}
diff --git a/salt/profile/wiki/files/httpd2-prefork.apparmor b/salt/profile/wiki/files/httpd2-prefork.apparmor
index 36e5d80..561aeef 100644
--- a/salt/profile/wiki/files/httpd2-prefork.apparmor
+++ b/salt/profile/wiki/files/httpd2-prefork.apparmor
@@ -121,8 +121,8 @@ profile httpd2-prefork /usr/sbin/httpd{,2}-prefork flags=(complain,attach_discon
     /usr/bin/timeout rix,
     /usr/share/mediawiki_1_27/extensions/SyntaxHighlight_GeSHi/pygments/pygmentize Px -> pygmentize,
     /usr/sbin/sendmail PUx,
-    /var/log/apache2/access_log w,
-    /var/log/apache2/access_log-20[12][0-9][01][0-9][0-3][0-9] w,
+    /var/log/apache2/{{wiki}}}-access_log w,
+    /var/log/apache2/{{wiki}}}-access_log-20[12][0-9][01][0-9][0-3][0-9] w,
     /var/log/apache2/error_log w,
 
     /srv/www/{{wiki}}.opensuse.org/cache/ r,