Add RFC 5424 syslog logging to all service templates

- decnet/logging/syslog_formatter.py: RFC 5424 formatter (local0 facility, decnet@55555 SD element ID, full escaping per §6.3.3) - decnet/logging/file_handler.py: rotating file handler (10 MB / 5 backups), path configurable via DECNET_LOG_FILE env var - templates/decnet_logging.py: combined syslog_line / write_syslog_file / forward_syslog helper distributed to all 22 service template dirs - All templates/*/server.py: replaced ad-hoc JSON _forward/_log with RFC 5424 syslog_line + write_syslog_file + forward_syslog - All templates/*/Dockerfile: COPY decnet_logging.py /opt/ - DecnetConfig: added log_file field; CLI: --log-file flag; composer injects DECNET_LOG_FILE env var into service containers - tests/test_syslog_formatter.py + tests/test_file_handler.py: 25 new tests Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-04 04:31:00 -03:00
parent cf1e00af28
commit 55896b0caa
76 changed files with 3800 additions and 422 deletions
--- a/templates/ftp/Dockerfile
+++ b/templates/ftp/Dockerfile
@@ -8,6 +8,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
 ENV PIP_BREAK_SYSTEM_PACKAGES=1
 RUN pip3 install --no-cache-dir twisted jinja2

+COPY decnet_logging.py /opt/decnet_logging.py
 COPY server.py /opt/server.py
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
--- a/templates/ftp/decnet_logging.py
+++ b/templates/ftp/decnet_logging.py
@@ -0,0 +1,142 @@
+#!/usr/bin/env python3
+"""
+Shared RFC 5424 syslog helper for DECNET service templates.
+
+Provides two functions consumed by every service's server.py:
+  - syslog_line(service, hostname, event_type, severity, **fields) -> str
+  - write_syslog_file(line: str) -> None
+  - forward_syslog(line: str, log_target: str) -> None
+
+RFC 5424 structure:
+  <PRI>1 TIMESTAMP HOSTNAME APP-NAME PROCID MSGID [SD-ELEMENT] MSG
+
+Facility: local0 (16), PEN for SD element ID: decnet@55555
+"""
+
+import logging
+import logging.handlers
+import os
+import socket
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Any
+
+# ─── Constants ────────────────────────────────────────────────────────────────
+
+_FACILITY_LOCAL0 = 16
+_SD_ID = "decnet@55555"
+_NILVALUE = "-"
+
+SEVERITY_EMERG   = 0
+SEVERITY_ALERT   = 1
+SEVERITY_CRIT    = 2
+SEVERITY_ERROR   = 3
+SEVERITY_WARNING = 4
+SEVERITY_NOTICE  = 5
+SEVERITY_INFO    = 6
+SEVERITY_DEBUG   = 7
+
+_MAX_HOSTNAME = 255
+_MAX_APPNAME  = 48
+_MAX_MSGID    = 32
+
+_LOG_FILE_ENV     = "DECNET_LOG_FILE"
+_DEFAULT_LOG_FILE = "/var/log/decnet/decnet.log"
+_MAX_BYTES        = 10 * 1024 * 1024  # 10 MB
+_BACKUP_COUNT     = 5
+
+# ─── Formatter ────────────────────────────────────────────────────────────────
+
+def _sd_escape(value: str) -> str:
+    """Escape SD-PARAM-VALUE per RFC 5424 §6.3.3."""
+    return value.replace("\\", "\\\\").replace('"', '\\"').replace("]", "\\]")
+
+
+def _sd_element(fields: dict[str, Any]) -> str:
+    if not fields:
+        return _NILVALUE
+    params = " ".join(f'{k}="{_sd_escape(str(v))}"' for k, v in fields.items())
+    return f"[{_SD_ID} {params}]"
+
+
+def syslog_line(
+    service: str,
+    hostname: str,
+    event_type: str,
+    severity: int = SEVERITY_INFO,
+    timestamp: datetime | None = None,
+    msg: str | None = None,
+    **fields: Any,
+) -> str:
+    """
+    Return a single RFC 5424-compliant syslog line (no trailing newline).
+
+    Args:
+        service:    APP-NAME (e.g. "http", "mysql")
+        hostname:   HOSTNAME (decky node name)
+        event_type: MSGID    (e.g. "request", "login_attempt")
+        severity:   Syslog severity integer (default: INFO=6)
+        timestamp:  UTC datetime; defaults to now
+        msg:        Optional free-text MSG
+        **fields:   Encoded as structured data params
+    """
+    pri     = f"<{_FACILITY_LOCAL0 * 8 + severity}>"
+    ts      = (timestamp or datetime.now(timezone.utc)).isoformat()
+    host    = (hostname or _NILVALUE)[:_MAX_HOSTNAME]
+    appname = (service  or _NILVALUE)[:_MAX_APPNAME]
+    msgid   = (event_type or _NILVALUE)[:_MAX_MSGID]
+    sd      = _sd_element(fields)
+    message = f" {msg}" if msg else ""
+    return f"{pri}1 {ts} {host} {appname} {_NILVALUE} {msgid} {sd}{message}"
+
+
+# ─── File handler ─────────────────────────────────────────────────────────────
+
+_file_logger: logging.Logger | None = None
+
+
+def _get_file_logger() -> logging.Logger:
+    global _file_logger
+    if _file_logger is not None:
+        return _file_logger
+
+    log_path = Path(os.environ.get(_LOG_FILE_ENV, _DEFAULT_LOG_FILE))
+    try:
+        log_path.parent.mkdir(parents=True, exist_ok=True)
+        handler = logging.handlers.RotatingFileHandler(
+            log_path,
+            maxBytes=_MAX_BYTES,
+            backupCount=_BACKUP_COUNT,
+            encoding="utf-8",
+        )
+    except OSError:
+        handler = logging.StreamHandler()
+
+    handler.setFormatter(logging.Formatter("%(message)s"))
+    _file_logger = logging.getLogger("decnet.syslog")
+    _file_logger.setLevel(logging.DEBUG)
+    _file_logger.propagate = False
+    _file_logger.addHandler(handler)
+    return _file_logger
+
+
+def write_syslog_file(line: str) -> None:
+    """Append a syslog line to the rotating log file."""
+    try:
+        _get_file_logger().info(line)
+    except Exception:
+        pass
+
+
+# ─── TCP forwarding ───────────────────────────────────────────────────────────
+
+def forward_syslog(line: str, log_target: str) -> None:
+    """Forward a syslog line over TCP to log_target (ip:port)."""
+    if not log_target:
+        return
+    try:
+        host, port = log_target.rsplit(":", 1)
+        with socket.create_connection((host, int(port)), timeout=3) as s:
+            s.sendall((line + "\n").encode())
+    except Exception:
+        pass
--- a/templates/ftp/server.py
+++ b/templates/ftp/server.py
@@ -14,32 +14,20 @@ from datetime import datetime, timezone
 from twisted.internet import defer, protocol, reactor
 from twisted.protocols.ftp import FTP, FTPFactory
 from twisted.python import log as twisted_log
+from decnet_logging import syslog_line, write_syslog_file, forward_syslog

 NODE_NAME = os.environ.get("NODE_NAME", "ftpserver")
+SERVICE_NAME   = "ftp"
 LOG_TARGET = os.environ.get("LOG_TARGET", "")


-def _forward(event: dict) -> None:
-    if not LOG_TARGET:
-        return
-    try:
-        host, port = LOG_TARGET.rsplit(":", 1)
-        with socket.create_connection((host, int(port)), timeout=3) as s:
-            s.sendall((json.dumps(event) + "\n").encode())
-    except Exception:
-        pass


-def _log(event_type: str, **kwargs) -> None:
-    event = {
-        "ts": datetime.now(timezone.utc).isoformat(),
-        "service": "ftp",
-        "host": NODE_NAME,
-        "event": event_type,
-        **kwargs,
-    }
-    print(json.dumps(event), flush=True)
-    _forward(event)
+def _log(event_type: str, severity: int = 6, **kwargs) -> None:
+    line = syslog_line(SERVICE_NAME, NODE_NAME, event_type, severity, **kwargs)
+    print(line, flush=True)
+    write_syslog_file(line)
+    forward_syslog(line, LOG_TARGET)


 class ServerFTP(FTP):