From 6b126e3baa1ed07b688f89dfe20f175a5c482665 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Tue, 22 Aug 2023 22:50:27 +0200
Subject: [PATCH 1/3] upgrade forgejo

---
 ansible/roles/forgejo/app.ini.j2          | 7 ++++++-
 ansible/roles/forgejo/docker-stack.yml.j2 | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/ansible/roles/forgejo/app.ini.j2 b/ansible/roles/forgejo/app.ini.j2
index 9641715..f33b650 100644
--- a/ansible/roles/forgejo/app.ini.j2
+++ b/ansible/roles/forgejo/app.ini.j2
@@ -1,6 +1,7 @@
 APP_NAME = Forgejo: Beyond coding. We forge.
 RUN_MODE = prod
 RUN_USER = git
+WORK_PATH=/data/gitea
 
 [repository]
 ROOT = /data/git/repositories
@@ -56,8 +57,9 @@ PATH = /data/gitea/attachments
 [log]
 MODE      = console
 LEVEL     = info
-ROUTER    = console
+logger.router.MODE = console
 ROOT_PATH = /data/gitea/log
+logger.access.MODE=console
 
 [security]
 INSTALL_LOCK                  = true
@@ -102,3 +104,6 @@ DEFAULT_TRUST_MODEL = committer
 
 [ui]
 DEFAULT_THEME = forgejo-light
+
+[oauth2]
+ENABLE=false
diff --git a/ansible/roles/forgejo/docker-stack.yml.j2 b/ansible/roles/forgejo/docker-stack.yml.j2
index be29805..43acade 100644
--- a/ansible/roles/forgejo/docker-stack.yml.j2
+++ b/ansible/roles/forgejo/docker-stack.yml.j2
@@ -19,7 +19,7 @@ volumes:
 
 services:
   forgejo:
-    image: codeberg.org/forgejo/forgejo:1.18
+    image: codeberg.org/forgejo/forgejo:1.20
     environment:
       - USER_UID=1000
       - USER_GID=1000

From c59dcbeaae9a15da5c91692562601fb17843ef05 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Tue, 22 Aug 2023 22:52:51 +0200
Subject: [PATCH 2/3] revert seafile naming changes

---
 ansible/roles/seafile/docker-stack.yml.j2 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ansible/roles/seafile/docker-stack.yml.j2 b/ansible/roles/seafile/docker-stack.yml.j2
index aaf9611..b510050 100644
--- a/ansible/roles/seafile/docker-stack.yml.j2
+++ b/ansible/roles/seafile/docker-stack.yml.j2
@@ -19,7 +19,7 @@ volumes:
       device: ":/mnt/data/seafile/db"
 
 services: 
-  mariadb: 
+  db:
     image: mariadb:10.5 
     environment: 
       - MYSQL_ROOT_PASSWORD={{ db_root_passwd }}
@@ -48,7 +48,7 @@ services:
         volume:
           nocopy: true
     environment: 
-      - DB_HOST=db 
+      - DB_HOST=db
       - DB_ROOT_PASSWD={{ db_root_passwd }}
       - TIME_ZONE=Europe/Amsterdam 
       - SEAFILE_ADMIN_EMAIL={{ seafile_admin_email }}

From db38d9c6bb27104db3a943422ec3f25eeb4a0830 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Tue, 22 Aug 2023 22:53:40 +0200
Subject: [PATCH 3/3] collect docker logs using fluent

---
 ansible/playbooks/setup.yml                  | 12 ++++++++++-
 ansible/roles/monitoring/docker-stack.yml.j2 |  2 +-
 ansible/roles/monitoring/fluent.conf.j2      |  2 +-
 terraform/elasticsearch/main.tf              | 22 ++++++++++++++++++++
 4 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/ansible/playbooks/setup.yml b/ansible/playbooks/setup.yml
index 7b06092..f6130d3 100644
--- a/ansible/playbooks/setup.yml
+++ b/ansible/playbooks/setup.yml
@@ -17,7 +17,17 @@
 
   roles:
     - setup_apt
-    - docker
+
+  post_tasks:
+    - name: Install Docker
+      include_role:
+        name: docker
+      vars:
+        docker_daemon_config:
+          log-driver: fluentd
+          log-opts:
+            fluentd-address: "localhost:22222"
+            tag: "docker.{{ '{{' }}.Name{{ '}}' }}"
 
 - name: Setup Docker Swarm manager
   hosts: manager
diff --git a/ansible/roles/monitoring/docker-stack.yml.j2 b/ansible/roles/monitoring/docker-stack.yml.j2
index 04730f8..9a61c12 100644
--- a/ansible/roles/monitoring/docker-stack.yml.j2
+++ b/ansible/roles/monitoring/docker-stack.yml.j2
@@ -122,7 +122,7 @@ services:
       - BAUTH_PASS=test
 
   fluentd:
-    image: git.kun.is/pim/fluentd:1.0.1
+    image: git.kun.is/pim/fluentd:1.0.2
     depends_on:
       - elasticsearch
     ports:
diff --git a/ansible/roles/monitoring/fluent.conf.j2 b/ansible/roles/monitoring/fluent.conf.j2
index 61b52b3..63d2f5a 100644
--- a/ansible/roles/monitoring/fluent.conf.j2
+++ b/ansible/roles/monitoring/fluent.conf.j2
@@ -6,7 +6,7 @@
   port {{ fluent_forward_port }}
 </source>
 
-<match *>
+<match **>
   @type elasticsearch
   host maestro.dmz
   port {{ elasticsearch_port }}
diff --git a/terraform/elasticsearch/main.tf b/terraform/elasticsearch/main.tf
index 818dba0..b6d0e4f 100644
--- a/terraform/elasticsearch/main.tf
+++ b/terraform/elasticsearch/main.tf
@@ -38,3 +38,25 @@ resource "elasticstack_elasticsearch_index_template" "metrics_template" {
     })
   }
 }
+
+resource "elasticstack_elasticsearch_index_lifecycle" "logs_ilm" {
+  name = "logs_ilm"
+
+  delete {
+    min_age = "2d"
+    delete {}
+  }
+}
+
+resource "elasticstack_elasticsearch_index_template" "logs_template" {
+  name = "logs_template"
+
+  priority = 42
+  index_patterns = ["fluentd.docker.**"]
+
+  template {
+    settings = jsonencode({
+      "index.lifecycle.name" = elasticstack_elasticsearch_index_lifecycle.logs_ilm.name
+    })
+  }
+}