300 lines
4.4 KiB
Markdown
300 lines
4.4 KiB
Markdown
Untuk menambahkan **error log** pada service `systemd`, gunakan directive berikut di bagian `[Service]`:
|
|
|
|
* `StandardOutput=` → log output normal
|
|
* `StandardError=` → log error
|
|
* arahkan ke file dengan `append:` atau `file:`
|
|
|
|
Contoh lengkap:
|
|
|
|
```
|
|
[Unit]
|
|
Description=Aplikasi Pasar
|
|
|
|
[Service]
|
|
Type=simple
|
|
Restart=always
|
|
RestartSec=5s
|
|
User=root
|
|
WorkingDirectory=/home/api/
|
|
ExecStart=/home/api/delamonganpasarapi
|
|
|
|
# log output dan error ke file
|
|
StandardOutput=append:/var/log/delamonganpasarapi.log
|
|
StandardError=append:/var/log/delamonganpasarapi-error.log
|
|
|
|
# optional: buat identifier di journalctl
|
|
SyslogIdentifier=delamonganpasarapi
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
```
|
|
|
|
---
|
|
|
|
## Buat file log dan set permission
|
|
|
|
Jalankan:
|
|
|
|
```bash
|
|
sudo touch /var/log/delamonganpasarapi.log
|
|
sudo touch /var/log/delamonganpasarapi-error.log
|
|
sudo chmod 644 /var/log/delamonganpasarapi*.log
|
|
```
|
|
|
|
Atau jika service jalan sebagai user tertentu:
|
|
|
|
```bash
|
|
sudo chown root:root /var/log/delamonganpasarapi*.log
|
|
```
|
|
|
|
---
|
|
|
|
## Reload dan restart service
|
|
|
|
Setelah edit file service:
|
|
|
|
```bash
|
|
sudo systemctl daemon-reexec
|
|
sudo systemctl daemon-reload
|
|
sudo systemctl restart delamonganpasarapi
|
|
```
|
|
|
|
---
|
|
|
|
## Cara melihat log
|
|
|
|
### 1. Dari file log
|
|
|
|
```
|
|
tail -f /var/log/delamonganpasarapi.log
|
|
tail -f /var/log/delamonganpasarapi-error.log
|
|
```
|
|
|
|
### 2. Dari journalctl (recommended)
|
|
|
|
```
|
|
journalctl -u delamonganpasarapi -f
|
|
```
|
|
|
|
atau
|
|
|
|
```
|
|
journalctl -u delamonganpasarapi -n 100
|
|
```
|
|
|
|
---
|
|
|
|
## Best practice (recommended)
|
|
|
|
Sebenarnya systemd sudah menyimpan log otomatis, jadi cukup gunakan:
|
|
|
|
```
|
|
journalctl -u delamonganpasarapi
|
|
```
|
|
|
|
File log manual hanya diperlukan jika:
|
|
|
|
* ingin integrasi dengan logrotate
|
|
* ingin file log terpisah
|
|
* ingin dibaca aplikasi lain
|
|
|
|
---
|
|
|
|
## Bonus: log rotation otomatis
|
|
|
|
Buat file:
|
|
|
|
```
|
|
sudo nano /etc/logrotate.d/delamonganpasarapi
|
|
```
|
|
|
|
isi:
|
|
|
|
```
|
|
/var/log/delamonganpasarapi*.log {
|
|
daily
|
|
rotate 14
|
|
compress
|
|
missingok
|
|
notifempty
|
|
copytruncate
|
|
}
|
|
```
|
|
|
|
|
|
|
|
## Untuk user non root
|
|
Berikut contoh **systemd service production-ready** yang lebih aman, ada logging, restart policy, dan security hardening.
|
|
|
|
Misalnya file:
|
|
`/etc/systemd/system/delamonganpasarapi.service`
|
|
|
|
```
|
|
[Unit]
|
|
Description=Delamongan Pasar API Service
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
|
|
# Jalankan dengan user khusus (BUKAN root)
|
|
User=api
|
|
Group=api
|
|
|
|
# folder kerja aplikasi
|
|
WorkingDirectory=/home/api
|
|
|
|
# jalankan binary
|
|
ExecStart=/home/api/delamonganpasarapi
|
|
|
|
# restart otomatis jika crash
|
|
Restart=always
|
|
RestartSec=5
|
|
|
|
# logging
|
|
StandardOutput=append:/var/log/delamonganpasarapi.log
|
|
StandardError=append:/var/log/delamonganpasarapi-error.log
|
|
SyslogIdentifier=delamonganpasarapi
|
|
|
|
# limit resource (optional tapi recommended)
|
|
LimitNOFILE=65535
|
|
|
|
# security hardening
|
|
NoNewPrivileges=true
|
|
PrivateTmp=true
|
|
ProtectSystem=strict
|
|
ProtectHome=true
|
|
ReadWritePaths=/home/api /var/log
|
|
|
|
# timeout
|
|
TimeoutStartSec=30
|
|
TimeoutStopSec=30
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
```
|
|
|
|
---
|
|
|
|
# 1. Buat user khusus (recommended)
|
|
|
|
Jangan pakai root.
|
|
|
|
```
|
|
sudo useradd -r -s /bin/false -d /home/api api
|
|
sudo chown -R api:api /home/api
|
|
```
|
|
|
|
---
|
|
|
|
# 2. Buat file log
|
|
|
|
```
|
|
sudo touch /var/log/delamonganpasarapi.log
|
|
sudo touch /var/log/delamonganpasarapi-error.log
|
|
sudo chown api:api /var/log/delamonganpasarapi*.log
|
|
```
|
|
|
|
---
|
|
|
|
# 3. Enable dan start service
|
|
|
|
```
|
|
sudo systemctl daemon-reload
|
|
sudo systemctl enable delamonganpasarapi
|
|
sudo systemctl start delamonganpasarapi
|
|
```
|
|
|
|
Cek status:
|
|
|
|
```
|
|
sudo systemctl status delamonganpasarapi
|
|
```
|
|
|
|
---
|
|
|
|
# 4. Monitor log realtime
|
|
|
|
File log:
|
|
|
|
```
|
|
tail -f /var/log/delamonganpasarapi.log
|
|
```
|
|
|
|
Error log:
|
|
|
|
```
|
|
tail -f /var/log/delamonganpasarapi-error.log
|
|
```
|
|
|
|
Atau journalctl:
|
|
|
|
```
|
|
journalctl -u delamonganpasarapi -f
|
|
```
|
|
|
|
---
|
|
|
|
# 5. Auto start saat boot
|
|
|
|
Sudah otomatis karena:
|
|
|
|
```
|
|
WantedBy=multi-user.target
|
|
```
|
|
|
|
dan
|
|
|
|
```
|
|
systemctl enable delamonganpasarapi
|
|
```
|
|
|
|
---
|
|
|
|
# 6. Bonus (SANGAT recommended): logrotate
|
|
|
|
```
|
|
sudo nano /etc/logrotate.d/delamonganpasarapi
|
|
```
|
|
|
|
isi:
|
|
|
|
```
|
|
/var/log/delamonganpasarapi*.log {
|
|
daily
|
|
rotate 30
|
|
compress
|
|
delaycompress
|
|
missingok
|
|
notifempty
|
|
copytruncate
|
|
}
|
|
```
|
|
|
|
---
|
|
|
|
# 7. Struktur production yang ideal
|
|
|
|
```
|
|
/home/api/
|
|
├── delamonganpasarapi
|
|
├── config.json
|
|
└── .env
|
|
|
|
/var/log/
|
|
├── delamonganpasarapi.log
|
|
└── delamonganpasarapi-error.log
|
|
```
|
|
|
|
---
|
|
|
|
# 8. Debug cepat kalau service gagal
|
|
|
|
```
|
|
journalctl -u delamonganpasarapi -n 100 --no-pager
|
|
```
|
|
|
|
---
|
|
|
|
Kalau mau, saya bisa buatkan juga:
|