feat(litespeed): make log paths drop-in compatible with cac:phpNN
All checks were successful
Cloud Apache Container / Build-and-Push (74) (push) Successful in 1m35s
Cloud Apache Container / Build-and-Push (80) (push) Successful in 2m20s
Cloud Apache Container / Build-and-Push (81) (push) Successful in 1m18s
Cloud Apache Container / Build-and-Push (82) (push) Successful in 2m13s
Cloud Apache Container / Build-and-Push (83) (push) Successful in 2m21s
Cloud Apache Container / Build-and-Push (84) (push) Successful in 2m22s
Cloud Apache Container / Build-and-Push (85) (push) Successful in 2m19s
Cloud Apache Container / Build-FPM-Images (74) (push) Successful in 1m14s
Cloud Apache Container / Build-FPM-Images (80) (push) Successful in 2m25s
Cloud Apache Container / Build-FPM-Images (81) (push) Successful in 2m26s
Cloud Apache Container / Build-FPM-Images (82) (push) Successful in 2m15s
Cloud Apache Container / Build-FPM-Images (83) (push) Successful in 2m15s
Cloud Apache Container / Build-FPM-Images (84) (push) Successful in 2m58s
Cloud Apache Container / Build-FPM-Images (85) (push) Successful in 1m27s
Cloud Apache Container / Build-LiteSpeed-Images (81) (push) Successful in 30s
Cloud Apache Container / Build-LiteSpeed-Images (82) (push) Successful in 29s
Cloud Apache Container / Build-LiteSpeed-Images (83) (push) Successful in 29s
Cloud Apache Container / Build-LiteSpeed-Images (84) (push) Successful in 33s
Cloud Apache Container / Build-LiteSpeed-Images (85) (push) Successful in 1m27s
Cloud Apache Container / Build-Shared-httpd (push) Successful in 24s
All checks were successful
Cloud Apache Container / Build-and-Push (74) (push) Successful in 1m35s
Cloud Apache Container / Build-and-Push (80) (push) Successful in 2m20s
Cloud Apache Container / Build-and-Push (81) (push) Successful in 1m18s
Cloud Apache Container / Build-and-Push (82) (push) Successful in 2m13s
Cloud Apache Container / Build-and-Push (83) (push) Successful in 2m21s
Cloud Apache Container / Build-and-Push (84) (push) Successful in 2m22s
Cloud Apache Container / Build-and-Push (85) (push) Successful in 2m19s
Cloud Apache Container / Build-FPM-Images (74) (push) Successful in 1m14s
Cloud Apache Container / Build-FPM-Images (80) (push) Successful in 2m25s
Cloud Apache Container / Build-FPM-Images (81) (push) Successful in 2m26s
Cloud Apache Container / Build-FPM-Images (82) (push) Successful in 2m15s
Cloud Apache Container / Build-FPM-Images (83) (push) Successful in 2m15s
Cloud Apache Container / Build-FPM-Images (84) (push) Successful in 2m58s
Cloud Apache Container / Build-FPM-Images (85) (push) Successful in 1m27s
Cloud Apache Container / Build-LiteSpeed-Images (81) (push) Successful in 30s
Cloud Apache Container / Build-LiteSpeed-Images (82) (push) Successful in 29s
Cloud Apache Container / Build-LiteSpeed-Images (83) (push) Successful in 29s
Cloud Apache Container / Build-LiteSpeed-Images (84) (push) Successful in 33s
Cloud Apache Container / Build-LiteSpeed-Images (85) (push) Successful in 1m27s
Cloud Apache Container / Build-Shared-httpd (push) Successful in 24s
OLS now writes: access -> /home/$user/logs/apache/access_log error -> /home/$user/logs/apache/error_log PHP -> /home/$user/logs/php-fpm/error.log Matches the cac:phpNN bundled image convention exactly, so existing WHP log-gathering code (whp-traffic-aggregator.php, process-log-review.php) works for migrated sites without any panel-side changes. Customer-facing paths are stable across migrations — "where do I find my access log?" gets the same answer regardless of image family. Server-level OLS logs (/usr/local/lsws/logs/) are unchanged — those are internal diagnostics, not customer-relevant. PHP error_log is set via a runtime-rendered tiny ini in lsphp's scan dir (can't be in the static lsphp-overrides.ini because the path is per-customer). Customers on the four whp01 migrations (alphaone, peptides, shadowdao, brain-jar) need a container recreate after CI publishes the new tags. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -33,7 +33,12 @@ if ! id -u "$user" >/dev/null 2>&1; then
|
||||
fi
|
||||
|
||||
mkdir -p "/home/$user/public_html"
|
||||
mkdir -p "/home/$user/logs/litespeed"
|
||||
## Log dirs mirror cac:phpNN exactly — apache/ for web server access+error,
|
||||
## php-fpm/ for PHP errors. OLS isn't Apache and lsphp isn't php-fpm, but
|
||||
## the customer-facing paths stay identical so log-gathering, analytics,
|
||||
## and the customer's "where do I find my access log?" mental model all
|
||||
## just work without per-image-family special cases.
|
||||
mkdir -p "/home/$user/logs/apache" "/home/$user/logs/php-fpm"
|
||||
mkdir -p "/home/$user/lscache"
|
||||
|
||||
mkdir -p /tmp/lshttpd/swap
|
||||
@@ -56,6 +61,21 @@ fi
|
||||
## ---- render httpd_config + vhconf from templates ----
|
||||
/scripts/create-vhost-litespeed.sh
|
||||
|
||||
## ---- point PHP error_log at the same customer-visible path that
|
||||
## cac:phpNN uses for php-fpm errors. Drop-in compat: customer code that
|
||||
## was tailing /home/$user/logs/php-fpm/error.log on the old image will
|
||||
## see lsphp's PHP errors in the exact same file on the new image.
|
||||
## Rendered as a tiny ini in lsphp's scan dir; PHP merges it after the
|
||||
## production-tuning overrides at startup.
|
||||
SCAN_DIR=$(/usr/local/lsws/lsphp${PHPVER}/bin/lsphp -i 2>/dev/null | awk -F'=> ' '/^Scan this dir/ {print $2; exit}')
|
||||
if [ -n "$SCAN_DIR" ]; then
|
||||
cat > "$SCAN_DIR/99-user-error-log.ini" <<EOF
|
||||
; rendered at container start by entrypoint-litespeed.sh
|
||||
error_log = /home/${user}/logs/php-fpm/error.log
|
||||
log_errors = On
|
||||
EOF
|
||||
fi
|
||||
|
||||
## ---- ownership: OLS master/workers run as nobody; lsphp suexecs to the
|
||||
## customer per request (setUIDMode 2 in httpd_config.tpl). So the customer
|
||||
## owns everything under /home/$user — clean ownership model, no nobody
|
||||
@@ -63,6 +83,9 @@ fi
|
||||
chown -R nobody:nogroup /usr/local/lsws/logs /usr/local/lsws/conf/cert /tmp/lshttpd 2>/dev/null || true
|
||||
chown -R "$user:$user" "/home/$user"
|
||||
chmod 755 "/home/$user"
|
||||
## logs/apache and logs/php-fpm are written by OLS (running as the customer
|
||||
## via setUIDMode 2) so they need to be customer-owned, not nobody. The
|
||||
## chown -R above already covers them since they're under /home/$user.
|
||||
|
||||
## ---- drop healthz so docker HEALTHCHECK passes before customer files
|
||||
## Always rewrite as customer; suexec lsphp will read it as that uid too.
|
||||
@@ -131,10 +154,15 @@ OLS_PID=$!
|
||||
|
||||
## Stream OLS + customer logs to PID-1 stdout so `docker logs` works.
|
||||
touch /usr/local/lsws/logs/error.log /usr/local/lsws/logs/access.log
|
||||
touch "/home/$user/logs/litespeed/error.log" "/home/$user/logs/litespeed/access.log"
|
||||
touch "/home/$user/logs/apache/error_log" "/home/$user/logs/apache/access_log"
|
||||
touch "/home/$user/logs/php-fpm/error.log"
|
||||
chown "$user:$user" "/home/$user/logs/apache/error_log" \
|
||||
"/home/$user/logs/apache/access_log" \
|
||||
"/home/$user/logs/php-fpm/error.log"
|
||||
tail -F /usr/local/lsws/logs/error.log \
|
||||
/usr/local/lsws/logs/access.log \
|
||||
"/home/$user/logs/litespeed/error.log" \
|
||||
"/home/$user/logs/litespeed/access.log" 2>/dev/null &
|
||||
"/home/$user/logs/apache/error_log" \
|
||||
"/home/$user/logs/apache/access_log" \
|
||||
"/home/$user/logs/php-fpm/error.log" 2>/dev/null &
|
||||
|
||||
wait "$OLS_PID"
|
||||
|
||||
Reference in New Issue
Block a user