Passa al contenuto principale

Logwatch

Logwatch keeps an eye on the logs files, flags items that may be of interest, and reports them via email. It might be useful in monitoring the state of our VPS and that of the applications that we install.

1. Install msmtp

  1. Let's make sure first that we have the right packages installed:

    #apt purge mailutils mailutils-common
    #apt autoremove
    apt install \
        msmtp msmtp-mta bsd-mailx

  2. Create the config file /etc/msmtprc:

    cat << _EOF_ > /etc/msmtprc
    account smtp
    maildomain user1.fs.al
    host smtp.user1.fs.al
    from mycloud@user1.fs.al
    tls_starttls on
    set_from_header on

    account default : smtp
    aliases /etc/aliases.msmtp
    syslog LOG_MAIL
    _EOF_

    nano /etc/msmtprc

  3. Create the config file /etc/aliases.msmtp, like this:

    cat << _EOF_ > /etc/aliases.msmtp
    default: dashohoxha@gmail.com
    _EOF_

    nano /etc/aliases.msmtp

    All emails from the system will be forwarded to the default address. It can also be a comma separated list of addresses.

  4. Let's test it:

    mail --help
    mail -s Test1 -- root <<< "Test 1"

2. Setup logwatch

  1. Install it:

    apt install --yes logwatch libdate-manip-perl

  2. Create config file /etc/logwatch/conf/logwatch.conf:

    cat << _EOF_ > /etc/logwatch/conf/logwatch.conf
    Range = between -7 days and -1 days
    _EOF_

    Run it for the last 7 days.

  3. Make it run weekly, instead of daily:

    ls /etc/cron.daily/
    mv /etc/cron.daily/00logwatch /etc/cron.weekly/

  4. Test it:

    nano /etc/cron.weekly/00logwatch
    /etc/cron.weekly/00logwatch

    Check the mailbox for the mail sent by logwatch.

3. Enable logwatch for containers

For container that we install with docker-scripts, we can install msmtp and logwatch like this:

cmd_config() {
    # . . . . .
    ds inject msmtp.sh
    ds inject logwatch.sh
    # . . . . .
}

The injected scripts logwatch.sh and msmtp.sh are defined by the framework itself:

cd /opt/docker-scripts/ds/
nano src/inject/msmtp.sh
nano src/inject/logwatch.sh

If you look at the code of these scripts, you will notice that:

  1. They load variables both from global settings and local setting, like this:

    # load global settings
    global_settings=$(dirname $0)/global_settings.sh
    [[ -f $global_settings ]] && source $global_settings

    # load local settings
    source /host/settings.sh

  2. They use variables like: SMTP_SERVER, SMTP_DOMAIN, SMTP_PORT, LOGWATCH_EMAIL etc.

These variables are stored at the global settings file, because they are usually the same for all the containers, but may also be overridden at the local settings file of a container, if needed.

The global settings file is located at $DSDIR/global_settings.sh (which is by default ~/.ds/global_settings.sh).

To enable msmtp and logwatch for our containers, we should define these variables at ~/.ds/global_settings.sh:

cat << _EOF_ >> ~/.ds/global_settings.sh
SMTP_SERVER="smtp.user1.fs.al"
SMTP_DOMAIN="user1.fs.al"
#SMTP_PORT=25
LOGWATCH_EMAIL=dashohoxha@gmail.com
_EOF_
note

We have to rebuild the containers (usually with ds make), so that these changes are enabled:

ls /var/ds/

app_list="nsd revproxy mariadb wordpress1"
for app in $app_list; do
    cd /var/ds/$app/
    ds make
done