Sometimes when I deploy a Laravel project to AWS Elastic Beanstalk I'm faced with an annoying error saying that the log file cannot be opened:
The stream or file "/var/app/current/storage/logs/laravel-2020-10-21.log" could not be opened: failed to open stream: Permission denied
In my eb deploy.config file I have a statement which, in theory, should fix things, but doesn't:
files:
"/opt/elasticbeanstalk/hooks/appdeploy/post/99_make_storage_writable.sh":
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
echo "Making /storage writeable..."
chmod -R 755 /var/app/current/storage
if [ ! -f /var/app/current/storage/logs/laravel.log ]; then
echo "Creating /storage/logs/laravel.log..."
touch /var/app/current/storage/logs/laravel.log
chown webapp:webapp /var/app/current/storage/logs/laravel.log
fi
This is because it's not referencing the daily log file.
I have an .ebignore file in place which explicitly prevents local logs from being deployed, so it isn't the presence of an existing log file that's causing problems:
/storage/logs/*
The issue is that Laravel is creating the daily log as root so it cannot be written to by the normal user (webapp).
I just don't know why it's doing it?
The solution is to allow each process to create its own log file. That way each process will have the correct permissions to write to it.
You can do this in the config/logging.php file and adding the process name (php_sapi_name()) to the file name:
'daily' => [
'driver' => 'daily',
'path' => storage_path('logs/' . php_sapi_name() . '-laravel.log'),
'level' => 'debug',
'days' => 14,
],
Now each process will be able to write to its own file and there will be no permission problems.
Important Note: The above example uses "Daily", but make sure you make the change to right logging channel for you.