From 3c6b67b14923cc3a9ab8d11a339bd32e118dc1bd Mon Sep 17 00:00:00 2001
From: Scott Idem <stidem@gmail.com>
Date: Fri, 3 Apr 2026 17:06:34 -0400
Subject: [PATCH] chore: unify timezone and implement containerized log
 rotation

---
 README.md           |  3 ++-
 conf/crontab        |  1 +
 conf/logrotate.conf |  6 +++---
 docker-compose.yml  | 18 +++++++++++-------
 4 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index a90b95d..4ecd78c 100644
--- a/README.md
+++ b/README.md
@@ -23,6 +23,7 @@ workstation:3001           workstation:5060
 ```
 
 **Key Improvements:**
+- **Timezone Support:** All containers use the `TZ` variable from `.env` for consistent logging and database timestamps.
 - **Scalable Routing:** Nginx uses Regex (`~^(dev|test|bak|sr|prod)?-?...`) to automatically handle any environment prefix without configuration changes.
 - **Isolated Stacks:** Each deployment uses a unique `AE_NETWORK_NAME` and `CONTAINER_` prefix to prevent collisions.
 - **Shared Services:** Core infrastructure (DB/Redis) resides on the `aether_shared_net` which must be created manually once.
@@ -119,7 +120,7 @@ These scripts are located in the root directory:
 ## 📂 Directory Map
 
 *   **`conf/`**: Configuration templates for Nginx and Gunicorn. API config now lives in the `aether_api_fastapi` repo as `app/config.py` and reads settings directly from env vars.
-*   **`logs/`**: Centralized logging for all containers.
+*   **`logs/`**: Centralized logging for all containers. Automatic rotation is managed by the `ae_ops` service (7-day retention).
 *   **`srv/`**: Mount points for data and source code (managed via symlinks).
 *   **`scripts/`**: Internal automation logic.
 *   **`backups/`**: Storage for MariaDB snapshots.
diff --git a/conf/crontab b/conf/crontab
index fcc70bd..90a3cf9 100644
--- a/conf/crontab
+++ b/conf/crontab
@@ -1 +1,2 @@
 55 * * * * bash /scripts/backup_internal.sh >> /logs/backup_cron.log 2>&1
+0 0 * * * /usr/sbin/logrotate /etc/logrotate.conf
diff --git a/conf/logrotate.conf b/conf/logrotate.conf
index bef8a6a..aafc657 100644
--- a/conf/logrotate.conf
+++ b/conf/logrotate.conf
@@ -1,7 +1,7 @@
-# Logrotate configuration for Aether Docker Logs
-# To use: sudo ln -s /home/scott/OSIT_dev/aether_container_env/conf/logrotate.conf /etc/logrotate.d/aether
+# Logrotate configuration for Aether Docker Logs (Internal container version)
 
-/home/scott/OSIT_dev/aether_container_env/logs/*/*.log {
+/logs/*/*.log
+/logs/web/*/*.log {
     daily
     rotate 7
     missingok
diff --git a/docker-compose.yml b/docker-compose.yml
index e940483..2066f50 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -13,7 +13,7 @@ services:
         environment:
             - PUID=1000
             - PGID=1000
-            - TZ=US/Eastern
+            - TZ=${TZ}
 
             - NGINX_SERVER_NAMES="demo.localhost dev.localhost dev.oneskyit.com dev-app.oneskyit.com dev-connect.oneskyit.com dev-demo.oneskyit.com dev-aacc.oneskyit.com dev-aapor.oneskyit.com dev-ascm.oneskyit.com dev-businessgroup.oneskyt.com dev-chow.oneskyit.com dev-cmsc.oneskyit.com dev-idaa.oneskyit.com dev-ishlt.oneskyit.com dev-lci.oneskyit.com dev-ncsd.oneskyit.com dev-npa.oneskyit.com dev-rli.oneskyit.com test-app.oneskyit.com test-api.oneskyit.com test-demo.oneskyit.com test-lci.oneskyit.com test-idaa.oneskyit.com scott.oneskyit.com dgr.oneskyit.com"
         ports:
@@ -54,6 +54,8 @@ services:
         networks:
             - default
             - shared
+        environment:
+            - TZ=${TZ}
         command: redis-server --save "" --loglevel warning
         logging:
             driver: "json-file"
@@ -82,6 +84,7 @@ services:
             MYSQL_DATABASE: ${AE_DB_NAME}
             MYSQL_USER: ${AE_DB_USERNAME}
             MYSQL_PASSWORD: ${AE_DB_PASSWORD}
+            TZ: ${TZ}
         ports:
             - "${AE_DB_EXTERNAL_PORT}:3306"
         volumes:
@@ -103,6 +106,7 @@ services:
         environment:
             PMA_HOST: mariadb
             UPLOAD_LIMIT: 64M
+            TZ: ${TZ}
         ports:
             - "${AE_PMA_PORT}:80"
         depends_on:
@@ -180,10 +184,8 @@ services:
             home.oneskyit.com: "71.126.159.102"
             static.oneskyit.com: "104.237.143.4"
             dev.oneskyit.com: "192.168.32.7"
-        # volumes:
-        #    # In production, the build happens INSIDE the container.
-        #    # Mounting the host source here would override the internal build.
-        #    # - ${AE_APP_SRC}:/app
+        volumes:
+            - ./logs/ae_app:/logs
         depends_on:
             - ae_api
             - redis
@@ -197,6 +199,8 @@ services:
     dozzle:
         container_name: ${CONTAINER_DOZZLE:-ae_dozzle_dev}
         image: amir20/dozzle:latest
+        environment:
+            - TZ=${TZ}
         volumes:
             - /var/run/docker.sock:/var/run/docker.sock
         ports:
@@ -209,7 +213,6 @@ services:
                 max-file: "3"
 
     ae_ops:
-        # ... (same as before) ...
         container_name: ${CONTAINER_AE_OPS:-ae_ops_dev}
         image: alpine:latest
         restart: always
@@ -224,7 +227,8 @@ services:
             - ./scripts:/scripts
             - ./logs:/logs
             - ./conf/crontab:/etc/crontabs/root
-        command: sh -c "apk add --no-cache docker-cli bash && crond -f -l 2"
+            - ./conf/logrotate.conf:/etc/logrotate.conf
+        command: sh -c "apk add --no-cache docker-cli bash logrotate && crond -f -l 2"
         depends_on:
             - mariadb
         logging: