[MediaWiki-commits] [Gerrit] dynamicproxy: custom log schema (http/https) for tools - change (operations/puppet)

Tue, 01 Mar 2016 17:02:11 -0800 

Dzahn has submitted this change and it was merged.

Change subject: dynamicproxy: custom log schema (http/https) for tools
......................................................................


dynamicproxy: custom log schema (http/https) for tools

We want all tools on toollabs to become https-only.(T102367)

For that we want to log on the proxy which tools are still using
http. (T128409)

Create a custom log that logs the $scheme (protocol), request and
status, but _no_ $remote_addr or anything else.

Bug:T128409
Change-Id: Ie8d7bff8b4546c8de7409470578a5bbda719b7c8
---
M modules/dynamicproxy/templates/urlproxy.conf
1 file changed, 6 insertions(+), 0 deletions(-)

Approvals:
  Dzahn: Verified; Looks good to me, approved



diff --git a/modules/dynamicproxy/templates/urlproxy.conf 
b/modules/dynamicproxy/templates/urlproxy.conf
index 6f58e34..8cc2428 100644
--- a/modules/dynamicproxy/templates/urlproxy.conf
+++ b/modules/dynamicproxy/templates/urlproxy.conf
@@ -37,6 +37,8 @@
 }
 <%- end -%>
 
+log_format schemelog '$scheme $request $status';
+
 server {
     resolver 208.80.154.20;
 
@@ -64,6 +66,10 @@
     listen 80;
     <%- end -%>
 
+    # Log which tools are not https-only yet (T128409).
+    access_log /var/log/nginx/access.log combined;
+    access_log /var/log/nginx/access-scheme.log schemelog;
+
     # People upload large files, and that is okay.
     # We can make this larger if need be.
     client_max_body_size 128m;

-- 
To view, visit https://gerrit.wikimedia.org/r/274161
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ie8d7bff8b4546c8de7409470578a5bbda719b7c8
Gerrit-PatchSet: 6
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <[email protected]>
Gerrit-Reviewer: ArielGlenn <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: Merlijn van Deen <[email protected]>
Gerrit-Reviewer: Tim Landscheidt <[email protected]>
Gerrit-Reviewer: Yuvipanda <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to