From 08606ca1a6a84f666111316ed6798975c01c9b68 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9gis=20Behmo?= <regis@behmo.com>
Date: Thu, 12 Mar 2020 11:59:50 +0100
Subject: [PATCH] Add scheme and server name to access logs

To do so, we had to create a new log_format.

Plugin developers are strongly encouraged to start using this log format
by adding the `access_log /var/log/nginx/access.log tutor;` directive to
their extra nginx configurations.

In order to load this log format early, the `tutor.conf` config file had
to be renamed to something early in the alphabet... (hence starting by
an underscore) Older users would face an error on nginx reload, so older
"tutor.conf" files are automatically removed on config save.
---
 CHANGELOG.md                           |  1 +
 tutor/env.py                           |  9 +++++++++
 tutor/templates/apps/nginx/_tutor.conf | 10 ++++++++++
 tutor/templates/apps/nginx/cms.conf    |  1 +
 tutor/templates/apps/nginx/lms.conf    |  2 ++
 tutor/templates/apps/nginx/tutor.conf  |  5 -----
 6 files changed, 23 insertions(+), 5 deletions(-)
 create mode 100644 tutor/templates/apps/nginx/_tutor.conf
 delete mode 100644 tutor/templates/apps/nginx/tutor.conf

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d7163a3..9dff637 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@ Note: Breaking changes between versions are indicated by "💥".
 
 ## Unreleased
 
+- [Improvement] Modify nginx access logs to include request scheme and server name (plugin developers should use the "tutor" log format)
 - [Bugfix] Fix DNS resolution of restarted service
 - [Feature] Restart multiple services with `local restart`
 - [Feature] Make it possible to easily reload openedx gunicorn process with `tutor local exec lms reload-gunicorn``
diff --git a/tutor/env.py b/tutor/env.py
index 16fd726..61e228a 100644
--- a/tutor/env.py
+++ b/tutor/env.py
@@ -181,9 +181,18 @@ def save(root, config):
         if plugin.templates_root:
             save_plugin_templates(plugin, root, config)
 
+    upgrade_obsolete(root)
     fmt.echo_info("Environment generated in {}".format(base_dir(root)))
 
 
+def upgrade_obsolete(root):
+    # tutor.conf was renamed to _tutor.conf in order to be the first config file loaded
+    # by nginx
+    nginx_tutor_conf = pathjoin(root, "apps", "nginx", "tutor.conf")
+    if os.path.exists(nginx_tutor_conf):
+        os.remove(nginx_tutor_conf)
+
+
 def save_plugin_templates(plugin, root, config):
     """
     Save plugin templates to plugins/<plugin name>/*.
diff --git a/tutor/templates/apps/nginx/_tutor.conf b/tutor/templates/apps/nginx/_tutor.conf
new file mode 100644
index 0000000..3ef7b6b
--- /dev/null
+++ b/tutor/templates/apps/nginx/_tutor.conf
@@ -0,0 +1,10 @@
+# Allow long domain names
+server_names_hash_bucket_size 128;
+
+# Set a short ttl for proxies to allow restarts
+resolver 127.0.0.1 [::1]:5353 valid=10s;
+
+# Configure logging to include scheme and server name
+log_format tutor '$remote_addr - $remote_user [$time_local] $scheme://$host "$request" '
+                 '$status $body_bytes_sent "$http_referer" '
+                 '"$http_user_agent" "$http_x_forwarded_for"';
\ No newline at end of file
diff --git a/tutor/templates/apps/nginx/cms.conf b/tutor/templates/apps/nginx/cms.conf
index 5a7ca3e..0291158 100644
--- a/tutor/templates/apps/nginx/cms.conf
+++ b/tutor/templates/apps/nginx/cms.conf
@@ -20,6 +20,7 @@ server {
   ssl_certificate_key /etc/letsencrypt/live/{{ LMS_HOST }}/privkey.pem;
   {% endif %}
 
+  access_log /var/log/nginx/access.log tutor;
   client_max_body_size 100M;
   server_tokens off;
   
diff --git a/tutor/templates/apps/nginx/lms.conf b/tutor/templates/apps/nginx/lms.conf
index 6d24555..0ab149d 100644
--- a/tutor/templates/apps/nginx/lms.conf
+++ b/tutor/templates/apps/nginx/lms.conf
@@ -7,6 +7,7 @@ upstream lms-backend {
 server {
     server_name {{ LMS_HOST }} preview.{{ LMS_HOST }};
     listen 80;
+    access_log /var/log/nginx/access.log tutor;
     return 301 https://$server_name$request_uri;
 }
 {% endif %}
@@ -20,6 +21,7 @@ server {
   ssl_certificate_key /etc/letsencrypt/live/{{ LMS_HOST }}/privkey.pem;
   {% endif %}
 
+  access_log /var/log/nginx/access.log tutor;
   client_max_body_size 4M;
   server_tokens off;
 
diff --git a/tutor/templates/apps/nginx/tutor.conf b/tutor/templates/apps/nginx/tutor.conf
deleted file mode 100644
index e5188ef..0000000
--- a/tutor/templates/apps/nginx/tutor.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# Allow long domain names
-server_names_hash_bucket_size 128;
-
-# Set a short ttl for proxies to allow restarts
-resolver 127.0.0.1 [::1]:5353 valid=10s;