Collaborator

@ne20002 ne20002 commented Jul 5, 2025

This PR is opened as a draft pull request as it may need some discussion and a bit more testing.

As described in #friendica/friendica#15001 the log file is not created by friendica when logging is enabled. This PR is an attempt to fix this.

I only had time to test this with the fpm image (which is debian based).

My concerns are:

  • I don't want to just create an empty log file with the current default (which is /var/www/html/friendica.log) as its location in /var/www/html is not really a good idea. I would vote for /var/log/friendica.log as a default.
  • Making use of FRIENDICA_LOGFILE requires checking for the correct permission on the folder from the entrypoint.sh script. To do so I needed to add sudo to the installed packages (not really a security issue but not best practice).
  • I haven't tested with Alpine (not sure if Alpine supports sudo out of the box).
  • The correct solution would be that Friendica itself creates the file upon start or when enabled/changed in the UI. It seems as if it honors the location from the environment variable (which is good).

Comment on lines 46 to 50
FRIENDICA_LOGFILE=${FRIENDICA_LOGFILE:-/var/www/html/friendica.log}
if sudo -u www-data test -w "$(dirname "$FRIENDICA_LOGFILE")"; then
touch "$FRIENDICA_LOGFILE"
chown www-data:www-data "$FRIENDICA_LOGFILE"
fi
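Review bot: `touch` and `chown` on lines 48-49 act with the entrypoint's privileges (root, given the `sudo -u` on line 47 and the `chown` itself) on a path inside a directory that line 47 has just confirmed www-data can write to, and `chown` follows symlinks by default. If a symlink already exists at `$FRIENDICA_LOGFILE`, ownership of its target is handed to www-data. Creating the file as www-data (`sudo -u www-data touch "$FRIENDICA_LOGFILE"`) removes the need for `chown`; otherwise skip the path when `[ -L "$FRIENDICA_LOGFILE" ]` is true and use `chown -h`.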

@mfxa mfxa Aug 1, 2025

Two suggestions/options:
If it's just supposed to try to create it and not do anything except continue if it fails, one could skip the conditional and needing to install sudo and just try to create it:

touch "$FRIENDICA_LOGFILE" || true
chown --silent www-data:www-data "$FRIENDICA_LOGFILE" || true

(--silent should only be there if we want to suppress error messages)

Alternatively, instead of using sudo I'm guessing su or runuser are available out of the box. I'd suggest the latter if possible since it's deescalating privileges.

Edit: I guess the first approach doesn't really determine if the file is writable by www-data, so I guess the runuser / su approach is the better one of the two.
It would be something like this:

if runuser --login www-data --command "test -w \"$(dirname "$FRIENDICA_LOGFILE")\""; then

...or

if su --login www-data --command "test -w \"$(dirname "$FRIENDICA_LOGFILE")\""; then

Collaborator Author

@mfxa, thank you for the comment.
I will try with the runuser. Not sure if su or runuser are available in the image. But I'll test.

Collaborator Author

@ne20002 ne20002 Aug 30, 2025

@mfxa I tried. But none of the tests worked correctly except for the solution with sudo.
The error in both other tests is: This account is currently not available.

@mfxa mfxa Sep 10, 2025

Alright. Strange that the account is "currently not available".

Maybe runuser will work with --user www-data instead of --login www-data?

From the manpage:

--login:

Start the shell as a login shell with an environment similar to a real login:

--user:

Run command with the effective user ID and group ID of the user name user.

Edit: But I think your Dockerfile idea is better.
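The `runuser --user` variant discussed in this thread, as an added example that is not part of the PR or of the Friendica Docker image: the file is created by the service user itself, so neither `sudo` nor a `chown` as root is needed, and an existing symlink is refused. `RUN_AS`, `as_service_user` and `ensure_logfile` are hypothetical names.

```shell
#!/bin/sh
# Added example: create the log file as the service user, without sudo.
# RUN_AS, as_service_user and ensure_logfile are hypothetical names;
# www-data is the user named in the thread.
RUN_AS="${RUN_AS:-www-data}"

# Run a command as $RUN_AS. runuser --user executes the command directly,
# so the account's login shell (nologin for www-data on Debian) is never
# started, unlike with --login.
as_service_user() {
    if [ "$(id -un 2>/dev/null)" = "$RUN_AS" ]; then
        "$@"
    else
        runuser --user "$RUN_AS" -- "$@"
    fi
}

# Returns 0 if the log file exists and is writable by $RUN_AS afterwards,
# 1 if the path was refused or the file could not be created.
ensure_logfile() {
    logfile="$1"
    dir="$(dirname "$logfile")"

    # Refuse symlinks: a link planted in a writable directory must not
    # redirect the write to another file.
    if [ -L "$logfile" ]; then
        echo "logfile $logfile is a symlink, skipping" >&2
        return 1
    fi
    # Existing file: only check that the service user can write to it.
    if [ -e "$logfile" ]; then
        as_service_user test -w "$logfile"
        return $?
    fi
    # New file: the directory must exist and be writable by the service
    # user, and the file is created by that user, so no chown is needed.
    as_service_user test -d "$dir" || return 1
    as_service_user test -w "$dir" || return 1
    as_service_user touch "$logfile"
}
```

In an entrypoint it would be called as `ensure_logfile "$FRIENDICA_LOGFILE" || true` so that a refused path does not stop the container from starting.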

Collaborator Author

ne20002 commented Aug 30, 2025

I believe there is no elegant way to create the logfile with the docker image.
The possible options left are:

  • just create an empty friendica.log file in /var/www/html in Dockerfile as this is the logfile default and it would be placed in a writable volume

For using Docker usually users would mount the log file and if so, the logfile needs to exist anyway.
In all other cases I believe the underlying problem should be fixed in Friendica.

@mfxa, @nupplaphil: do you agree?

mfxa commented Sep 10, 2025

For some reason I can't make a direct comment on your new "comment", so responding here instead:

> I believe there is no elegant way to create the logfile with the docker image. The possible options left are:
>
> * just create an empty friendica.log file in /var/www/html in Dockerfile as this is the logfile default and it would be placed in a writable volume
>
> For using Docker usually users would mount the log file and if so, the logfile needs to exist anyway. In all other cases I believe the underlying problem should be fixed in Friendica.
>
> @mfxa, @nupplaphil: do you agree?

I think it sounds like a better idea to create it in the Dockerfile, yes. Good idea.
Better to move as much as possible to build time, and then it only needs to be done in one place.
