I don’t really need 397 daily letsencrypt log files…
I confirm there are 836 log files in my server under
/var/log/letsencrypt/, one for each day since LE certificate was enabled.
It would be a nice #feature to configure logrotate for them!
Does anybody want to propose an implementation?
In the meantime, card added here: https://github.com/orgs/NethServer/projects/1#card-24898234
certbot docs the default log configuration starts rotating files at 1000 instances.
Certbot has its own logrotate feature, I prefer to not override it with a system one!
The manual note says
Some distributions, including Debian and Ubuntu, disable certbot’s internal log rotation in favor of a more traditional logrotate script. If you are using a distribution’s packages and want to alter the log rotation, check
/etc/logrotate.d/for a certbot rotation script.
I think the best approach is sending a patch to the EPEL package mantainer!
As you see, the log rotation is done by certbot itself, and there’s a command-line flag to change the number of logs to keep if desired. If there’s a perceived need to do this at all (which I question–the full 1000 files on my system take less than 8 MB), the only thing you should need to do is add
--max-log-backups nnn to the
certbot invocation that originally obtains the cert–any subsequent renewal attempts should use that setting automatically.
Definitively yes, 600 logs on my system and 4.6 MB…I do not think we have something to fix … please argue
Is the only annoying due to certbot/letsencrypt “weird” log rotation…