Provide a method to mitigate /var/log/nginx/access.log filling the disk due to excessive invalid login attempts using invalid credentials.
root# tdnf clean all sed -i 's/^enabled=1/enabled=0/' /etc/yum.repos.d/*.repoStep 2: Enable Airgap Local Repositories
root# echo "[airgapphoton] name=VMware Airgap Photon Release Repo baseurl=https://$HOSTNAME/release/photon gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY gpgcheck=1 enabled=1 skip_if_unavailable=True" > /etc/yum.repos.d/airgapphoton.repo root# echo "[airgappu] name=VMware Airgap Photon Updates Repo baseurl=https://$HOSTNAME/updates/photon-updates gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY gpgcheck=1 enabled=1 skip_if_unavailable=True" > /etc/yum.repos.d/airgappu.repo root# echo "[airgap-telco-debuginfo] name=VMware Airgap Photon Telco Debuginfo baseurl=https://$HOSTNAME/updates/photon-telco-debuginfo gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY gpgcheck=1 enabled=1 skip_if_unavailable=True" > /etc/yum.repos.d/airgap-telco-debuginfo.repo root# echo "[airgap-telco-updates] name=VMware Airgap Photon Telco Updates baseurl=https://$HOSTNAME/updates/photon-telco-updates gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY gpgcheck=1 enabled=1 skip_if_unavailable=True" > /etc/yum.repos.d/airgap-telco-updates.repo
root# tdnf intall -y logrotate cronie
root# systemctl enable --now crond.service root# systemctl status crond.service
root# echo "/var/log/nginx/*.log { rotate 10 size 200M copytruncate compress missingok nodateext }" > /etc/logrotate.d/nginx root# echo "/var/log/messages { prerotate /usr/bin/chattr -a /var/log/messages endscript compress size 200M weekly rotate 8 copytruncate missingok postrotate /usr/bin/kill -HUP rsyslogd endscript }" > /etc/logrotate.d/messagesStep 6: Update permissions:
chmod +x /etc/cron.daily/logrotate
root # logrotate -f /etc/logrotate.d/nginx root # logrotate -f /etc/logrotate.d/messages4. Validate files have been rotated
root# ls -l /var/log/nginx/ root# ls -l /var/log/