MB-61292: Move logs and audit deks to config dir

It is always normal to remove logs and audit folder. It is very
easy to remove the deks folder with them, and ideally it should also
be ok, but is not that easy to handle key removal properly in this
case (we don't know if it is a hard error that we can't read the key
or it is ok, and we should ignore it). It seems to be much easier to
move deks to config dir and assume that all deks should always be
present instead of assumming that some deks can suddenly disappear
at any moment

Change-Id: I9232038202e167284c344e4dbf8a2b9e5e227c09
Reviewed-on: https://review.couchbase.org/c/ns_server/+/221169
Reviewed-by: Navdeep S Boparai <[email protected]>
Tested-by: Timofey Barmin <[email protected]>
Well-Formed: Build Bot <[email protected]>

Author: timofey-barmin

apps/ns_babysitter/src/cb_gosecrets_runner.erl

@@ -690,18 +690,15 @@ key_path(bucketDek, Cfg) ->
 
 defaults() ->
     ConfigDir = path_config:component_path(data, "config"),
-    %% Note: when it is invoked from dump-guts, error_logger_mf_dir is not set
-    LogDir = application:get_env(ns_server, error_logger_mf_dir, undefined),
     [{es_password_env, "CB_MASTER_PASSWORD"},
      {es_password_source, env},
      {es_encrypt_key, true},
      {es_key_path_type, auto},
      {es_key_storage_type, 'file'},
      {kek_path, iolist_to_binary(filename:join(ConfigDir, "keks"))},
      {config_dek_path, iolist_to_binary(filename:join(ConfigDir, "deks"))},
-     {audit_dek_path, iolist_to_binary(filename:join(LogDir, "audit_deks"))},
-     {log_dek_path,
-      iolist_to_binary(filename:join([LogDir, "deks"]))}].
+     {audit_dek_path, iolist_to_binary(filename:join(ConfigDir, "audit_deks"))},
+     {log_dek_path, iolist_to_binary(filename:join(ConfigDir, "logs_deks"))}].
 
 format_error({write_failed, CfgPath, Error}) ->
     io_lib:format("Could not write file '~s': ~s (~p)",