npm - @kirschbaum-development/sst-laravel - Versions diffs - 0.3.5 → 0.3.6 - Mend

@kirschbaum-development/sst-laravel 0.3.5 → 0.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -118,6 +118,20 @@ const app = new LaravelService('MyLaravelApp', {
 This has no effect when no `domain` is set, or when you provide an explicit `web.loadBalancer` (configure `loadBalancer.ports` yourself in that case).
+#### Access logs
+The web container runs nginx (`serversideup/php:*-fpm-nginx`), which logs every request — including the load balancer health-check pings — to stdout, where it ends up in CloudWatch. To silence those access logs, set `accessLogs: false`:
+```js
+const app = new LaravelService('MyLaravelApp', {
+  web: {
+    accessLogs: false,
+  },
+});
+```
+This points the serversideup `NGINX_ACCESS_LOG` variable at `/dev/null`. Error logs and the Laravel application logs are unaffected. Only the web container runs nginx, so this has no effect on workers or the Reverb service.
 ### Reverb
 You can deploy a dedicated Laravel Reverb service for WebSocket traffic. Reverb runs as a worker-style container using `php artisan reverb:start`, but SST Laravel also attaches a load balancer so you can give it its own public domain.

package/docs/api.md CHANGED Viewed

@@ -292,6 +292,18 @@ web: {
 }
 ```
+#### `web.accessLogs`
+- **Type:** `boolean`
+- **Default:** `true`
+- **Description:** Stream the nginx access logs from the web container to CloudWatch. The web container runs nginx (`serversideup/php:*-fpm-nginx`), which logs every request — including the load balancer health-check pings — to stdout. Set to `false` to silence those access logs (points the serversideup `NGINX_ACCESS_LOG` variable at `/dev/null`). Error logs and the Laravel application logs are unaffected. Only the web container runs nginx, so this has no effect on workers or the Reverb service.
+**Example:**
+```typescript
+web: {
+  accessLogs: false,
+}
+```
 #### `web.executionRole`
 - **Type:** `ServiceArgs["executionRole"]`
 - **Description:** Execution role for the web service.

package/laravel-sst.ts CHANGED Viewed

@@ -28,6 +28,7 @@ import { RemoteEnvFile } from './src/remote-env-file';
 import { buildReverbEnvironmentVariables } from './src/reverb';
 import { getSecretsFingerprint } from './src/secrets-manager';
 import { buildDefaultPublicPorts, Port } from './src/load-balancer';
+import { buildWebServerEnvironment } from './src/web-server';
 // Re-export RemoteEnvVault for external use
 export { RemoteEnvVault, RemoteEnvVaultArgs };
@@ -212,6 +213,29 @@ export interface LaravelWebArgs extends LaravelServiceArgs {
      * ```
      */
     httpsRedirect?: boolean;
+    /**
+     * Stream the nginx access logs from the web container to CloudWatch.
+     *
+     * The web container runs nginx (`serversideup/php:*-fpm-nginx`), which logs
+     * every request — including the load balancer health-check pings — to
+     * stdout. Set this to `false` to silence those access logs (it points the
+     * serversideup `NGINX_ACCESS_LOG` variable at `/dev/null`). Error logs and
+     * the Laravel application logs are unaffected.
+     *
+     * Only the web container runs nginx, so this has no effect on workers or
+     * the Reverb service.
+     *
+     * @default `true`
+     *
+     * @example
+     * ```js
+     * web: {
+     *   accessLogs: false,
+     * }
+     * ```
+     */
+    accessLogs?: boolean;
 }
 export interface LaravelReverbArgs extends LaravelServiceArgs {
@@ -466,7 +490,12 @@ export class LaravelService extends Component {
         });
         const addWebService = () => {
-            const envVariables = getEnvironmentVariables();
+            const envVariables = {
+                ...getEnvironmentVariables(),
+                ...buildWebServerEnvironment({
+                    accessLogs: args.web?.accessLogs,
+                }),
+            };
             this.services['web'] = new sst.aws.Service(
                 `${name}-Web`,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@kirschbaum-development/sst-laravel",
-  "version": "0.3.5",
+  "version": "0.3.6",
   "type": "module",
   "description": "An unofficial extension of SST to deploy containerized Laravel applications to AWS Fargate.",
   "main": "laravel-sst.ts",

package/src/web-server.ts ADDED Viewed

@@ -0,0 +1,26 @@
+export interface WebServerEnvironmentOptions {
+  /**
+   * Whether the nginx access logs should keep streaming to CloudWatch.
+   *
+   * @default true
+   */
+  accessLogs?: boolean;
+}
+/**
+ * Builds the web-server-specific container environment overrides derived from
+ * the web service options.
+ *
+ * Setting `accessLogs` to `false` points the serversideup `NGINX_ACCESS_LOG`
+ * variable at `/dev/null`, which silences the nginx access logs (including the
+ * load balancer health-check pings) while leaving the error logs untouched.
+ */
+export function buildWebServerEnvironment({
+  accessLogs,
+}: WebServerEnvironmentOptions): Record<string, string> {
+  if (accessLogs === false) {
+    return { NGINX_ACCESS_LOG: '/dev/null' };
+  }
+  return {};
+}