From d5c82a52219c25311a40f45f89892d81152203da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 17:36:53 +0200 Subject: [PATCH] Remove logging to /var/log and make readonly --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 8 +------- .../templates/systemd/matrix-maubot.service.j2 | 3 ++- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 5e44ff5f..86f0076d 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -108,12 +108,6 @@ logging: normal: format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s' handlers: - file: - class: logging.handlers.RotatingFileHandler - formatter: normal - filename: /var/log/maubot.log - maxBytes: 10485760 - backupCount: 10 console: class: logging.StreamHandler formatter: colored @@ -126,4 +120,4 @@ logging: level: INFO root: level: DEBUG - handlers: [file, console] + handlers: [console] diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index e94696f7..a4e6d750 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -20,9 +20,10 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ --log-driver=none \ -e UID={{ matrix_user_uid }} \ -e GID={{ matrix_user_gid }} \ + --read-only \ -v {{ matrix_bot_maubot_data_path }}:{{ matrix_bot_maubot_container_data_dir }}:z \ {% for arg in matrix_bot_maubot_container_extra_arguments %} - {{ arg }} \ + {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_expose_management_interface|bool %}