Lack of Log Rotation Configuration in Ghost Server Can Eventually Consume All Disk Space

Hi everyone,

Just wanted to share with the community something I noticed last week while I was backing up my Ghost content’s folder with rsync. rsync would hang as it moved the logs directory; looking further into it, my Ghost access log had grown to several gigabytes and was continuing to grow.

Ultimately the cause is the lack of a logrotate configuration for the Ghost logs. After troubleshooting and testing my config this weekend, I am comfortable enough releasing it to the community. Hopefully this helps someone else out:

Note that this is only a concern for self-hosted instances of Ghost.

-TorqueWrench

Ghost’s default log rotation configuration should rotate your logs every day and keep just 10 logs.

So it sounds like you ran into either a bug or an environment issue. Maybe you can share how you installed Ghost?

We certainly expect that Ghost would not fill up your disk with logs.

Hi Hannah,

Glad to hear that! I don’t really see it as a problem with Ghost per se; logrotate is a standard utility that most Linux sysadmins would be aware of that might need configuration with the installation of a new application. The only reason I brought it up to the community is that others may not be aware.

Looks like I’m not the first person to notice this, someone else reported it here back in October:

Install process was about 1.5-2 yrs ago using the following guide for Ubuntu:

All defaults used, running Ubuntu 18.04 LTS with regular, weekly Ghost updates.

head -1 indicates the access log in /var/www/ghost/content/logs/ goes back to June 2020.

@Hannah

Looking further at the other report of this issue:

Now this is interesting. We have almost the exact same date (maybe I just updated a day later). Seems like an oddly strange coincidence, doesn’t it? Within a day of each other in June almost a year ago:

“time”:“2020-06-04T00:01:11.425Z”

surely something has changed, probably a package upgrade or Ubuntu upgrade. I haven’t changed anything manually.

I also followed the official installation of Ghost on a clean server

mine starts at 2020-06-06T00:00:43.515Z, there is rotated logs in the folder but they stopped on june 6th

followed the same guide

Thanks for the additional datapoint, @rajiin. So we’re all in the same boat!

I wonder how many people are heading for a full storage drive and don’t even know it…

I just experienced the log rotate issue and solved it using @Torqu3Wr3nch’s article: Save Disk Space By Setting Up Logrotate with Your Ghost Blog. Thank you @Torqu3Wr3nch ! I was up to 90% usage on my 25 GB space. Now I’m back to something reasonable, thanks to your help here.

I have experienced something similar, but relating to insufficient permissions erroring out in logrotate.

I’ve added the su directive to the logrotate.d/ghost configuration file that now looks like this due to errors that were being output when testing logrotate manually with debug logging.

considering log /var/www/<domain>/content/logs/https___<domain>_production.log
error: skipping "/var/www/<domain>/content/logs/https___<domain>_production.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

more /etc/logrotate.d/ghost

/var/www/*/content/logs/*.log {
        daily
        maxsize 400M
        notifempty
        rotate 7
        compress
        copytruncate
        su ghost ghost
}

I added `notifempty`, `su ghost ghost` and modified the number of log files to keep around and to rotate daily or at a specific `maxsize` (as file system sizes aren't a function of days/weeks/months but rather size).