Merge pull request 'Configure maximum size and timespan of journald logs' (#594) from feature/506-journald_logs_config into master

Reviewed-on: #594
Reviewed-by: Râu Cao <raucao@kosmos.org>

nodes/mastodon-3.json

@@ -37,6 +37,7 @@
       "timezone_iii::debian",
       "ntp::default",
       "ntp::apparmor",
+      "kosmos-base::journald_conf",
       "kosmos-base::systemd_emails",
       "apt::unattended-upgrades",
       "kosmos-base::firewall",

site-cookbooks/kosmos-base/attributes/default.rb

@@ -0,0 +1,2 @@
+node.default["kosmos-base"]["journald"]["system_max_use"] = "256M"
+node.default["kosmos-base"]["journald"]["max_retention_sec"] = "7d"

site-cookbooks/kosmos-base/recipes/default.rb

@@ -27,6 +27,7 @@
 include_recipe 'apt'
 include_recipe 'timezone_iii'
 include_recipe 'ntp'
+include_recipe 'kosmos-base::journald_conf'
 include_recipe 'kosmos-base::systemd_emails'
 
 node.override["apt"]["unattended_upgrades"]["allowed_origins"] = [

site-cookbooks/kosmos-base/recipes/journald_conf.rb

@@ -0,0 +1,14 @@
+#
+# Cookbook Name:: kosmos-base
+# Recipe:: journald_conf
+#
+
+service "systemd-journald"
+
+template "/etc/systemd/journald.conf" do
+  source "journald.conf.erb"
+  variables system_max_use: node["kosmos-base"]["journald"]["system_max_use"],
+            max_retention_sec: node["kosmos-base"]["journald"]["max_retention_sec"]
+  # Restarting journald is required
+  notifies :restart, "service[systemd-journald]", :delayed
+end

site-cookbooks/kosmos-base/templates/default/journald.conf.erb

@@ -0,0 +1,6 @@
+[Journal]
+# Set the maximum size of the journal logs in bytes
+SystemMaxUse=<%= @system_max_use %>
+
+# Set the number of days after which logs will be deleted
+MaxRetentionSec=<%= @max_retention_sec %>

site-cookbooks/kosmos-ejabberd/recipes/default.rb

@@ -110,6 +110,7 @@ hosts = [
         access_persistent: muc_create
         access_register: muc_create
         max_user_conferences: 1000
+        max_users: 2000
         default_room_options:
           mam: true
         preload_rooms: true

site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb

@@ -185,8 +185,11 @@ api_permissions:
     what:
       - "add_rosteritem"
       - "delete_rosteritem"
-      - "send_message"
+      - "get_vcard2"
+      - "muc_register_nick"
       - "private_set"
+      - "send_message"
+      - "send_stanza"
 
 language: "en"
 

site-cookbooks/kosmos-mastodon/recipes/default.rb

@@ -265,6 +265,44 @@ service "mastodon-streaming" do
   action [:enable, :start]
 end
 
+#
+# Delete cached remote media older than 30 days
+# Will be re-fetched if necessary
+#
+
+systemd_unit 'mastodon-delete-old-media-cache.service' do
+  content({
+    Unit: {
+      Description: 'Delete old Mastodon media cache'
+    },
+    Service: {
+      Type: "oneshot",
+      WorkingDirectory: mastodon_path,
+      Environment: "RAILS_ENV=#{rails_env}",
+      ExecStart: "#{bundle_path} exec bin/tootctl media remove --days 30",
+    }
+  })
+  triggers_reload true
+  action [:create]
+end
+
+systemd_unit 'mastodon-delete-old-media-cache.timer' do
+  content({
+    Unit: {
+      Description: 'Delete old Mastodon media cache'
+    },
+    Timer: {
+      OnCalendar: '*-*-* 00:00:00',
+      Persistent: 'true'
+    },
+    Install: {
+      WantedBy: 'timer.target'
+    }
+  })
+  triggers_reload true
+  action [:create, :enable, :start]
+end
+
 firewall_rule "mastodon_app" do
   port     node['kosmos-mastodon']['app_port']
   source   "10.1.1.0/24"