配置独立的日志轮转防止日志沾满磁盘空间,只配置代理服务单独日志,不影响其他服务。如下截图是Proxy服务器日志文件,我们使用代理服务器举例保留7天的日志配置步骤:

sudo touch /etc/sing-box/sing-box.logsudo chmod 644 /etc/sing-box/sing-box.logsudo chown root:root /etc/sing-box/sing-box.logsudo nano /etc/systemd/system/sing-box.service编辑sing-box.service追加#关键配置:禁用systemd journal日志StandardOutput=nullStandardError=null
[Unit]Description=sing-box proxy serviceAfter=network.target[Service]Type=simpleUser=rootGroup=rootWorkingDirectory=/etc/sing-boxExecStart=/etc/sing-box/sing-box/sing-box run -c /etc/sing-box/config.jsonRestart=on-failureRestartSec=5# 关键配置:禁用systemd journal日志StandardOutput=nullStandardError=null[Install]WantedBy=multi-user.targetsudo nano /etc/logrotate.d/sing-box配置如下
/etc/sing-box/sing-box.log { daily rotate 7 compress delaycompress missingok notifempty copytruncate create 644 root root postrotate # 如果需要重启服务,取消下面一行的注释 # systemctl restart sing-box > /dev/null 2>&1 || true endscript}sudo systemctl daemon-reloadsudo systemctl start sing-boxsudo systemctl enable sing-boxsudo systemctl status sing-boxsudo tail -f /etc/sing-box/sing-box.logsudo ls -lh /etc/sing-box/sing-box.logsudo journalctl -u sing-box --since "1 minute ago"sudo logrotate -vf /etc/logrotate.d/sing-boxls -lh /etc/sing-box/•StandardOutput=null 和 StandardError=null:禁止日志输出到systemd journal
• sing-box配置中的 "output": "/etc/sing-box/sing-box.log":所有日志只写入指定文件
• 完全不影响系统其他服务的日志
• daily:每天轮转一次
• rotate 7:保留7天的日志
• compress:压缩旧日志节省空间
• copytruncate:复制后截断,服务无需重启
• create 644 root root:创建新日志文件并设置权限
查看日志大小
sudo ls -lh /etc/sing-box/sing-box.log手动触发日志轮转
sudo logrotate -vf /etc/logrotate.d/sing-box清空当前日志(服务运行时可用)
sudo truncate -s 0 /etc/sing-box/sing-box.log删除旧日志文件
sudo rm /etc/sing-box/sing-box.log.*配置独立的日志轮转(不使用systemd journal)注意要给目录或日志文件权限举例如下
sudo mkdir -p /var/log/proxy-servicessudo mkdir -p /var/log/proxy-services/sing-boxsudo mkdir -p /var/log/proxy-services/anytlssudo mkdir -p /var/log/proxy-services/dnsmasqsudo chown -R root:root /var/log/proxy-servicessudo chmod -R 755 /var/log/proxy-servicessudo touch /var/log/proxy-services/sing-box/sing-box.logsudo touch /var/log/proxy-services/sing-box/access.logsudo touch /var/log/proxy-services/sing-box/error.logsudo chmod 644 /var/log/proxy-services/sing-box/*.logsudo nano /etc/logrotate.d/log-services
# ----- nginx -----/var/log/proxy-services/sing-box/*.log { daily # 每天轮转 rotate 7 # 保留7天 compress # 压缩旧日志 delaycompress # 延迟一天压缩 missingok # 日志文件不存在时不报错 notifempty # 空文件不轮转 create 644 root root # 创建新文件的权限 sharedscripts # 所有文件轮转后执行一次脚本 postrotate # 发送USR1信号让sing-box重新打开日志文件 # 如果sing-box不支持USR1信号,则重启服务 if systemctl is-active --quiet sing-box; then # 尝试发送USR1信号 pkill -USR1 -f "sing-box run" 2>/dev/null || true # 如果发送信号失败,则重启服务 if [ $? -ne 0 ]; then systemctl restart sing-box fi fi endscript}# ----- anytls -----/var/log/proxy-services/anytls/*.log { daily rotate 3 # anytls日志较多,只保留3天 compress delaycompress missingok notifempty create 644 root root sharedscripts postrotate if systemctl is-active --quiet anytls; then pkill -USR1 -f "anytls-client" 2>/dev/null || true if [ $? -ne 0 ]; then systemctl restart anytls fi fi endscript}# ----- dnsmasq -----/var/log/proxy-services/dnsmasq/*.log { weekly # dnsmasq日志较少,每周轮转 rotate 4 # 保留4周 compress delaycompress missingok notifempty create 644 root root sharedscripts postrotate if systemctl is-active --quiet dnsmasq; then systemctl restart dnsmasq fi endscript}注意事项
这个方案只有4个简单步骤,完全实现了代理服务日志的独立管理,不影响系统其他日志,且自动处理日志轮转。