From 149bea83090951db5daac5d9c49396cae87fc561 Mon Sep 17 00:00:00 2001
From: Alex Vandiver <alexmv@zulip.com>
Date: Thu, 13 Jul 2023 12:49:57 -0400
Subject: [PATCH] puppet: Configure smokescreen for 14 days of logs, via
 logrotate.

supervisord's log rotation is only "every x bytes" which is not a good
enough policy for tracking auditing logs.  The default is also 10 logs
of 50MB, which is very much not enough for active instances.

Switch to tracking 14 days of daily logs.
---
 puppet/zulip/files/logrotate/smokescreen              | 11 +++++++++++
 puppet/zulip/manifests/smokescreen.pp                 |  8 ++++++++
 .../zulip/templates/supervisor/smokescreen.conf.erb   |  2 ++
 3 files changed, 21 insertions(+)
 create mode 100644 puppet/zulip/files/logrotate/smokescreen

diff --git a/puppet/zulip/files/logrotate/smokescreen b/puppet/zulip/files/logrotate/smokescreen
new file mode 100644
index 0000000000..ab0a182cec
--- /dev/null
+++ b/puppet/zulip/files/logrotate/smokescreen
@@ -0,0 +1,11 @@
+/var/log/zulip/smokescreen.log
+{
+    missingok
+    rotate 14
+    daily
+    compress
+    delaycompress
+    notifempty
+    copytruncate
+    create 644 zulip zulip
+}
diff --git a/puppet/zulip/manifests/smokescreen.pp b/puppet/zulip/manifests/smokescreen.pp
index 337f07b841..48e1b601df 100644
--- a/puppet/zulip/manifests/smokescreen.pp
+++ b/puppet/zulip/manifests/smokescreen.pp
@@ -49,4 +49,12 @@ class zulip::smokescreen {
     content => template('zulip/supervisor/smokescreen.conf.erb'),
     notify  => Service[supervisor],
   }
+
+  file { '/etc/logrotate.d/smokescreen':
+    ensure => file,
+    owner  => 'root',
+    group  => 'root',
+    mode   => '0644',
+    source => 'puppet:///modules/zulip/logrotate/smokescreen',
+  }
 }
diff --git a/puppet/zulip/templates/supervisor/smokescreen.conf.erb b/puppet/zulip/templates/supervisor/smokescreen.conf.erb
index 16bcb1efd8..416d95e4aa 100644
--- a/puppet/zulip/templates/supervisor/smokescreen.conf.erb
+++ b/puppet/zulip/templates/supervisor/smokescreen.conf.erb
@@ -6,3 +6,5 @@ autorestart=true
 user=zulip
 redirect_stderr=true
 stdout_logfile=/var/log/zulip/smokescreen.log
+stdout_logfile_maxbytes=0
+stdout_logfile_backups=0