We've currently 19 670 214 lines of log in web-001, since February 2025 rm -rf when disk was full with MediaWiki debug information (see D3709 to stabilize this configuration).

Organize a rotation of the log with newsyslog could be useful here:

/var/log/www/*/*.log   root:web   640   90     *     @T00   JC  /var/run/nginx.pid

nginx needs to be notified

nginx doesn't use new files after rotation without a reload, syslog can handle that by sending SIGHUP to the pid in the specified pid file.

See https://serverfault.com/questions/1031715/nginx-service-rotate-doesnt-use-new-log-files for example.

According https://nginx.org/en/docs/control.html, SIGHUP is fine and SIGUSR1 would be ideal, in that case write "SIGUSR1" or "30" as parameter

(people sometimes wonder why we still use pid file, that's an example of how it's used across the system)

GDPR documentation

Tagging also privacy as we can document in our GDPR practices we don't keep server logs more than the retention time.

Perhaps add an entry to https://agora.nasqueron.org/Privacy/Records_of_processing_activities#P-002._Web_applications for the server logs?

There is no policy change.