From af35fb50aac15eebb12cdb24b041bcb9e1826552 Mon Sep 17 00:00:00 2001
From: Sida Say <sida.say@khalibre.com>
Date: Fri, 27 Dec 2024 11:23:48 +0700
Subject: [PATCH] feat: update to 3.10.2 and fews issues on logs and db

---
 .github/workflows/release.yml           |  2 +-
 Dockerfile                              |  6 +++---
 rootfs/opt/privacyidea/pi-logging.yml   | 14 +++++++++-----
 rootfs/opt/templates/pi-config.template |  3 ++-
 4 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 818d5f1..e6cbe79 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -23,5 +23,5 @@ jobs:
           platforms: linux/amd64,linux/arm64
           push: true
           python_base_image: 3.12.7-slim-bullseye
-          pi_version: '3.10.1'
+          pi_version: '3.10.2'
           is_default_version: true
diff --git a/Dockerfile b/Dockerfile
index 79fa869..189a127 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 ARG BASE_IMAGE_TAG=3.12.7-slim-bullseye
-ARG PI_VERSION=3.10.1
+ARG PI_VERSION=3.10.2
 ARG PI_HOME=/opt/privacyidea
 
 FROM python:$BASE_IMAGE_TAG AS builder
@@ -29,8 +29,8 @@ ENV PI_SKIP_BOOTSTRAP=false \
 COPY prebuildfs /
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN install_packages ca-certificates gettext-base tini tree jq libpq5 realmd krb5-user curl && \
-    mkdir -p "$PI_DATA_DIR" "$PI_CFG_DIR" && \
-    chown -R nobody:nogroup "$PI_DATA_DIR" "$PI_CFG_DIR"
+    mkdir -p "$PI_DATA_DIR" "$PI_CFG_DIR" /var/log/privacyidea && \
+    chown -R nobody:nogroup "$PI_DATA_DIR" "$PI_CFG_DIR" /var/log/privacyidea
 USER nobody
 WORKDIR "$PI_HOME"
 COPY --from=builder /opt/privacyidea .
diff --git a/rootfs/opt/privacyidea/pi-logging.yml b/rootfs/opt/privacyidea/pi-logging.yml
index cd79711..2049236 100644
--- a/rootfs/opt/privacyidea/pi-logging.yml
+++ b/rootfs/opt/privacyidea/pi-logging.yml
@@ -9,12 +9,16 @@ handlers:
     class: logging.StreamHandler
     level: INFO
     formatter: detail
+  file:
+    # Rollover the logfile at midnight
+    class: logging.handlers.RotatingFileHandler
+    backupCount: 5
+    maxBytes: 1000000
+    formatter: detail
+    level: INFO
+    filename: /var/log/privacyidea/privacyidea.log
 
 loggers:
   privacyidea:
     level: INFO
-    handlers: [console]
-
-root:
-  level: WARNING
-  handlers: [console]
+    handlers: [file]
diff --git a/rootfs/opt/templates/pi-config.template b/rootfs/opt/templates/pi-config.template
index 4ad23df..fb37ea5 100644
--- a/rootfs/opt/templates/pi-config.template
+++ b/rootfs/opt/templates/pi-config.template
@@ -16,7 +16,8 @@ if PI_PEPPER is None:
 SUPERUSER_REALM = os.environ.get('PI_SUPERUSER_REALM','administrator').split(',')
 
 SQLALCHEMY_DATABASE_URI = "$SQLALCHEMY_DATABASE_URI"
-SQLALCHEMY_ENGINE_OPTIONS = {"pool_pre_ping": True, "pool_recycle": 3600, "pool_size":10, "pool_timeout": 30, "max_overflow": 20}
+# Update SQLALCHEMY_ENGINE_OPTIONS accordingly to your needs
+# SQLALCHEMY_ENGINE_OPTIONS = {"pool_pre_ping": True, "pool_recycle": 3600, "pool_size":10, "pool_timeout": 30, "max_overflow": 20}
 PI_ENCFILE = os.environ.get("PI_ENCFILE", "/data/privacyidea/keys/encfile")
 PI_HSM = os.environ.get("PI_HSM", "default")
 PI_AUDIT_NO_SIGN = os.environ.get("PI_AUDIT_NO_SIGN", "False").lower() == "true"