Create more conservative logrotate configuration for Nginx

roles/webserver/tasks/nginx.yml

@@ -5,6 +5,15 @@
     update_cache: 'yes'
   when: with_nginx
 
+- name: 'Install logrotate configuration for nginx'
+  template:
+    src: 'logrotate/nginx.j2'
+    dest: '/etc/logrotate.d/nginx'
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
+  when: with_nginx
+
 - name: 'Install nginx default file configuration'
   template:
     src: 'nginx/default.j2'

roles/webserver/templates/logrotate/nginx.j2

@@ -0,0 +1,24 @@
+{% if ansible_prolog -%}
+{% from 'templates/ansible/prolog.j2' import prolog with context %}
+{{ prolog() }}
+{% endif -%}
+/var/log/nginx/*.log {
+    daily
+    missingok
+    rotate 1000
+    dateext
+    dateyesterday
+    compress
+    delaycompress
+    notifempty
+    create 0640 www-data adm
+    sharedscripts
+    prerotate
+        if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+            run-parts /etc/logrotate.d/httpd-prerotate; \
+        fi \
+    endscript
+    postrotate
+        invoke-rc.d nginx rotate >/dev/null 2>&1
+    endscript
+}