From ab82b09431206a611d70422f71842cc5616fd5f2 Mon Sep 17 00:00:00 2001
From: Markus Hauschild <markus@moepman.eu>
Date: Thu, 30 Sep 2021 16:08:58 +0200
Subject: [PATCH] nextcloud: anonymize nginx logs

---
 host_vars/nitrogen.binary-kitchen.net | 2 ++
 roles/nextcloud/templates/vhost.j2    | 3 ---
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/host_vars/nitrogen.binary-kitchen.net b/host_vars/nitrogen.binary-kitchen.net
index d5d8ddd..92df4ba 100644
--- a/host_vars/nitrogen.binary-kitchen.net
+++ b/host_vars/nitrogen.binary-kitchen.net
@@ -3,3 +3,5 @@
 root_keys_host:
 - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJu4xYKnnAhXf2Fe+cI+U4EVkePw3cbPbSR4iPhY2fQf xaver@xm.1drop.de"
 - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGC1Cn/tEqpZKEgLzT3bGrhYibQy0bc21rtoDqm4+elZ xaver@home"
+
+nginx_anonymize: True
diff --git a/roles/nextcloud/templates/vhost.j2 b/roles/nextcloud/templates/vhost.j2
index b8387fa..fd45fd2 100644
--- a/roles/nextcloud/templates/vhost.j2
+++ b/roles/nextcloud/templates/vhost.j2
@@ -27,9 +27,6 @@ server {
 	ssl_certificate_key /etc/nginx/ssl/{{ nextcloud_domain }}.key;
 	ssl_certificate /etc/nginx/ssl/{{ nextcloud_domain }}.crt;
 
-	# TODO enable anonymized in global config
-	#access_log  /var/log/nginx/access.log anonymized;
-
 	# Add headers to serve security related headers
 	add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
 	add_header X-Content-Type-Options nosniff;