From f2b889e6e7577f371ee9a533dfc1e86243ab19a2 Mon Sep 17 00:00:00 2001 From: JoshuaLicense Date: Fri, 30 Aug 2024 10:55:15 +0100 Subject: [PATCH] feat(docker): exclude `/healthcheck` from access logs (#279) --- infra/docker/api/api.conf | 8 ++++++++ infra/docker/internal/internal.conf | 8 ++++++++ infra/docker/selfserve/selfserve.conf | 8 ++++++++ 3 files changed, 24 insertions(+) diff --git a/infra/docker/api/api.conf b/infra/docker/api/api.conf index a5fe90656b..bc9a2add74 100644 --- a/infra/docker/api/api.conf +++ b/infra/docker/api/api.conf @@ -1,3 +1,9 @@ +map $request_uri $should_log { + default 1; + # The security group healthcheck endpoint. + ~^/healthcheck 0; +} + server { listen 8080; listen [::]:8080; @@ -6,6 +12,8 @@ server { root /var/www/html/public; + access_log /dev/stdout main if=$should_log; + # Prevent some browsers from MIME-sniffing the response. # # This reduces exposure to drive-by download attacks and cross-origin data diff --git a/infra/docker/internal/internal.conf b/infra/docker/internal/internal.conf index 9160192a61..2e548de82a 100644 --- a/infra/docker/internal/internal.conf +++ b/infra/docker/internal/internal.conf @@ -1,3 +1,9 @@ +map $request_uri $should_log { + default 1; + # The security group healthcheck endpoint. + ~^/healthcheck 0; +} + # Add Access-Control-Allow-Origin. map $sent_http_content_type $cors { # Images @@ -31,6 +37,8 @@ server { root /var/www/html/public; + access_log /dev/stdout main if=$should_log; + # Protect website against clickjacking. # # The example below sends the `X-Frame-Options` response header with the value diff --git a/infra/docker/selfserve/selfserve.conf b/infra/docker/selfserve/selfserve.conf index 7342e9738f..22f5fcd6fd 100644 --- a/infra/docker/selfserve/selfserve.conf +++ b/infra/docker/selfserve/selfserve.conf @@ -1,3 +1,9 @@ +map $request_uri $should_log { + default 1; + # The security group healthcheck endpoint. + ~^/healthcheck 0; +} + # Add Access-Control-Allow-Origin. map $sent_http_content_type $cors { # Images @@ -31,6 +37,8 @@ server { root /var/www/html/public; + access_log /dev/stdout main if=$should_log; + # Protect website against clickjacking. # # The example below sends the `X-Frame-Options` response header with the value