What is the current logrotate interval? We only store Apache logs for the Document Interface anyway, so this is not relevant to minimizing metadata about source behavior. If anything, given our current turnaround on support tickets, 1 day of retention is insufficient and would hamstring us in our efforts to do remote troubleshooting using the logs.

I propose we move this off the 0.4 milestone and revisit at a later date, or close this entirely.

@garrettr The apache logs are currently set to 52 weekly rotations, meaning compressed logs will remain on disk for approximately one year. Since we don't log the Source Interface, that logging only applies to the Journalist Interface—however, the Journalist Interface logging is currently broken (#1606), so right now zero useful information exists on-disk about Journalist behavior.

I think persisting logs for 2 weeks would be a reasonable first step. Ideally, we'd be able to reduce this further, but that will require some combination of better support turnaround, and implementation of the opt-in log reporting we've discussed.

@redshiftzero Hackathon candidate.

A day is certainly too short, but a month or two is reasonable.

Agreed with @redshiftzero: let's set the new default logrotate value to 1-2 months. Once the change is made in the Ansible config logic, a playbook run (via ./securedrop-admin install) will be required to enforce the change. Future new installs will receive the updated value automatically.

As stated above, the logrotate functionality is only relevant for the Journalist Interface (previously called the "Document Interface"; see #1384), as the Source Interface does not log visitor interactions in production.

Keeping, the existing PR would need to be updated to cover existing instances without a playbook run, but the change is still valid.