> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pangolin.net/llms.txt
> Use this file to discover all available pages before exploring further.
# Traefik Access Log Rotation
> How to manage and rotate Traefik access logs when CrowdSec is installed
Fastest way to get started with Pangolin using the hosted control plane. No credit card required.
When CrowdSec is installed, Traefik access logging is enabled automatically so CrowdSec can analyze traffic. This means `config/traefik/logs/access.log` will grow indefinitely without log rotation in place.
The default Pangolin install (without CrowdSec) does not enable access
logging, so this only applies if you have CrowdSec installed.
## How it works
The CrowdSec installer enables Traefik's `accessLog` block and mounts `./config/traefik/logs/` into the container at `/var/log/traefik/`. CrowdSec reads that log via its `acquis.d/traefik.yaml` acquisition config.
Without rotation, that file grows forever. The fix is `logrotate` with `copytruncate` — it copies the log file and truncates the original in place, so Traefik never needs to be restarted or sent a signal.
## Automatic setup (installer v1.x+)
If you installed CrowdSec using a recent version of the Pangolin installer, logrotate is configured automatically at `/etc/logrotate.d/pangolin-traefik`. You can verify it's there:
```bash theme={"dark"}
cat /etc/logrotate.d/pangolin-traefik
```
You should see something like:
```
/opt/pangolin/config/traefik/logs/access.log {
daily
rotate 7
compress
delaycompress
missingok
notifempty
copytruncate
}
```
## Manual setup
If you installed CrowdSec before automatic log rotation was added, set it up manually:
Replace `/opt/pangolin` with your actual Pangolin install directory if it differs.
```bash theme={"dark"}
sudo tee /etc/logrotate.d/pangolin-traefik > /dev/null <<'EOF'
/opt/pangolin/config/traefik/logs/access.log {
daily
rotate 7
compress
delaycompress
missingok
notifempty
copytruncate
}
EOF
```
Do a dry run to confirm logrotate picks it up without errors:
```bash theme={"dark"}
sudo logrotate --debug /etc/logrotate.d/pangolin-traefik
```
No errors means you're good. You can also force a rotation immediately to verify end-to-end:
```bash theme={"dark"}
sudo logrotate --force /etc/logrotate.d/pangolin-traefik
```
## Customizing retention
The defaults (daily rotation, 7 compressed copies) work for most setups. To adjust:
| Option | What it does |
| --------------- | -------------------------------------------------------------------------------------- |
| `daily` | Rotate once per day. Use `weekly` or `monthly` if preferred. |
| `rotate 7` | Keep 7 rotated files before deleting the oldest. |
| `compress` | Gzip rotated files to save disk space. |
| `delaycompress` | Skip compressing the most recent rotated file (useful if something still has it open). |
For example, to keep 30 days of compressed weekly logs:
```
/opt/pangolin/config/traefik/logs/access.log {
weekly
rotate 30
compress
delaycompress
missingok
notifempty
copytruncate
}
```
## Verifying rotation is working
Check that rotated files are appearing in the logs directory:
```bash theme={"dark"}
ls -lh /opt/pangolin/config/traefik/logs/
```
After the first rotation you should see files like `access.log.1` and `access.log.2.gz` alongside the active `access.log`.
To see when logrotate last ran and whether it succeeded:
```bash theme={"dark"}
cat /var/lib/logrotate/status | grep pangolin
```