Is there a way to purge IP logs stored by Discourse, at least the old ones? If not, do you plan to implement such functionality?
Discourse is used by dissident communities in authoritative countries (Russia, Iran etc.) and one of the complains is that storing IPs indefinitely poses a grave risk for community members if an administrative account gets compromised by authorities.
Well let’s see. Outside the Discourse Docker container we have
/var/discourse/shared/standalone/log
within that
/var/discourse/shared/standalone/log/rails
0 Jan 24 23:37 production_errors.log
20 Jan 17 23:36 production_errors.log-20190119.gz
20 Jan 18 23:49 production_errors.log-20190120.gz
20 Jan 19 23:36 production_errors.log-20190121.gz
20 Jan 20 23:42 production_errors.log-20190122.gz
20 Jan 22 00:05 production_errors.log-20190123.gz
20 Jan 22 23:43 production_errors.log-20190124.gz
0 Jan 23 23:53 production_errors.log-20190125
8752920 Jan 25 17:06 production.log
926575 Jan 18 23:48 production.log-20190119.gz
728846 Jan 19 23:36 production.log-20190120.gz
972063 Jan 20 23:42 production.log-20190121.gz
1114974 Jan 22 22:09 production.log-20190122.gz
1264281 Jan 22 23:43 production.log-20190123.gz
1058870 Jan 23 23:53 production.log-20190124.gz
11916058 Jan 24 23:37 production.log-20190125
383 Jan 24 23:37 unicorn.stderr.log
999 Jan 18 23:49 unicorn.stderr.log-20190119.gz
195 Jan 19 23:36 unicorn.stderr.log-20190120.gz
46254 Jan 20 23:42 unicorn.stderr.log-20190121.gz
49660 Jan 22 00:05 unicorn.stderr.log-20190122.gz
200 Jan 22 23:43 unicorn.stderr.log-20190123.gz
381 Jan 23 23:53 unicorn.stderr.log-20190124.gz
756 Jan 24 23:37 unicorn.stderr.log-20190125
0 Jan 24 23:37 unicorn.stdout.log
93 Jan 18 12:22 unicorn.stdout.log-20190119.gz
20 Jan 18 23:49 unicorn.stdout.log-20190120.gz
20 Jan 19 23:36 unicorn.stdout.log-20190121.gz
92 Jan 21 13:39 unicorn.stdout.log-20190122.gz
20 Jan 22 00:05 unicorn.stdout.log-20190123.gz
20 Jan 22 23:43 unicorn.stdout.log-20190124.gz
0 Jan 23 23:53 unicorn.stdout.log-20190125
and
/var/discourse/shared/standalone/log/var-log
3471 Jan 23 23:53 alternatives.log
2066 Dec 14 17:02 alternatives.log.1
693 Feb 10 2018 alternatives.log.10.gz
162 Jan 31 2018 alternatives.log.11.gz
135 Jan 22 2018 alternatives.log.12.gz
251 Nov 29 23:57 alternatives.log.2.gz
119 Oct 31 00:39 alternatives.log.3.gz
148 Oct 2 00:36 alternatives.log.4.gz
117 Sep 19 01:03 alternatives.log.5.gz
243 Jun 16 2018 alternatives.log.6.gz
251 May 24 2018 alternatives.log.7.gz
787 May 1 2018 alternatives.log.8.gz
665 Mar 6 2018 alternatives.log.9.gz
0 Jan 22 00:05 auth.log
147724 Jan 25 17:05 auth.log.1
9709 Jan 21 13:17 auth.log.2.gz
11130 Jan 15 19:05 auth.log.3.gz
9023 Jan 9 03:25 auth.log.4.gz
218238 Jan 23 23:53 dpkg.log
101445 Dec 31 23:59 dpkg.log.1
1495 Mar 29 2018 dpkg.log.10.gz
2061 Feb 26 2018 dpkg.log.11.gz
2932 Jan 31 2018 dpkg.log.12.gz
6633 Nov 29 23:57 dpkg.log.2.gz
1720 Nov 1 00:43 dpkg.log.3.gz
1629 Sep 28 00:48 dpkg.log.4.gz
1563 Aug 31 00:52 dpkg.log.5.gz
2326 Jul 19 2018 dpkg.log.6.gz
4031 Jun 28 2018 dpkg.log.7.gz
2386 May 24 2018 dpkg.log.8.gz
1339 May 1 2018 dpkg.log.9.gz
0 Jan 22 00:05 kern.log
336 Jan 21 13:39 kern.log.1
119 Jan 15 19:11 kern.log.2.gz
131 Jan 9 03:35 kern.log.3.gz
119 Jan 3 18:38 kern.log.4.gz
0 Oct 2 00:36 monit.log
0 Jan 22 00:05 syslog
84788 Jan 25 17:05 syslog.1
8903 Jan 21 13:17 syslog.2.gz
10027 Jan 15 19:08 syslog.3.gz
8447 Jan 9 03:30 syslog.4.gz
27373 Jan 3 18:35 syslog.5.gz
1075 Dec 14 19:59 syslog.6.gz
12831 Dec 14 16:33 syslog.7.gz
4096 Dec 31 23:59 unattended-upgrades
within that there are the apt, nginx, postgres, redis, and unattended-upgrades folders. Here’s the nginx one: