diff --git a/docker/horizon/Dockerfile.j2 b/docker/horizon/Dockerfile.j2
index 97f47d4..00b8bdd 100644
--- a/docker/horizon/Dockerfile.j2
+++ b/docker/horizon/Dockerfile.j2
@@ -23,4 +23,6 @@ RUN mv horizon*/ horizon-{{ branch }}/ \
ENV PATH /var/lib/venv/bin:$PATH
COPY daemon.sh /usr/local/bin/daemon.sh
-RUN chmod 755 /usr/local/bin/daemon.sh
\ No newline at end of file
+COPY horizon_sudoers /etc/sudoers.d/horizon_sudoers
+RUN chmod 755 /usr/local/bin/daemon.sh \
+ && chmod 440 /etc/sudoers.d/horizon_sudoers
diff --git a/docker/horizon/horizon_sudoers b/docker/horizon/horizon_sudoers
new file mode 100644
index 0000000..3e42cab
--- /dev/null
+++ b/docker/horizon/horizon_sudoers
@@ -0,0 +1 @@
+%microservices ALL=(root) NOPASSWD: /bin/chown horizon\:horizon /var/log/ccp/horizon
diff --git a/service/files/openstack-dashboard.conf.j2 b/service/files/openstack-dashboard.conf.j2
index 5a4973a..8411603 100644
--- a/service/files/openstack-dashboard.conf.j2
+++ b/service/files/openstack-dashboard.conf.j2
@@ -1,15 +1,26 @@
-WSGIScriptAlias / /var/lib/microservices/venv/lib/python2.7/site-packages/openstack_dashboard/wsgi/django.wsgi
-WSGIScriptAlias /horizon /var/lib/microservices/venv/lib/python2.7/site-packages/openstack_dashboard/wsgi/django.wsgi
-WSGIDaemonProcess horizon user=horizon group=horizon processes=3 threads=10 python-path=/var/lib/microservices/venv/lib/python2.7/site-packages
-WSGIProcessGroup horizon
-Alias /static /var/lib/microservices/venv/local/lib/python2.7/site-packages/static
-
- Order allow,deny
- Allow from all
- Require all granted
-
-
- Order allow,deny
- Allow from all
- Require all granted
-
+{% set venv_path = '/var/lib/microservices/venv/lib/python2.7/site-packages' %}
+
+
+ WSGIScriptAlias / {{ venv_path }}/openstack_dashboard/wsgi/django.wsgi
+ WSGIScriptAlias /horizon {{ venv_path }}/openstack_dashboard/wsgi/django.wsgi
+ WSGIDaemonProcess horizon user=horizon group=horizon processes=3 threads=10 python-path={{ venv_path }}
+ WSGIProcessGroup horizon
+
+ Alias /static {{ venv_path }}/static
+
+
+ Order allow,deny
+ Allow from all
+ Require all granted
+
+
+ Order allow,deny
+ Allow from all
+ Require all granted
+
+
+ ErrorLogFormat "%{cu}t %-m:%-l %P:%T %M"
+ LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\"" access
+ ErrorLog "/var/log/ccp/horizon/horizon-error.log"
+ CustomLog "/var/log/ccp/horizon/horizon-access.log" access
+
diff --git a/service/horizon.yaml b/service/horizon.yaml
index 0e36b55..13799c3 100644
--- a/service/horizon.yaml
+++ b/service/horizon.yaml
@@ -8,7 +8,14 @@ service:
probes:
readiness: "true"
liveness: "true"
+ volumes:
+ - name: horizon-logs
+ path: "/var/log/ccp/horizon"
+ type: host
+ readOnly: False
pre:
+ - name: chown-logs-dir
+ command: "sudo /bin/chown horizon:horizon /var/log/ccp/horizon"
- name: horizon-compress
command: /var/lib/microservices/venv/bin/python /var/lib/microservices/venv/bin/manage.py compress --force
daemon: