diff --git a/roles/linstor_controller/handlers/main.yml b/roles/linstor_controller/handlers/main.yml
index d8c83a6..9d59d0f 100644
--- a/roles/linstor_controller/handlers/main.yml
+++ b/roles/linstor_controller/handlers/main.yml
@@ -6,3 +6,6 @@
   when:
     - not linctl_started.changed
     - not linctl_ha or linctl_services.ansible_facts.services['linstor-controller.service'] is defined and linctl_services.ansible_facts.services['linstor-controller.service'].state == 'started'
+
+- name: restart linstor-controller-logs-janitor
+  systemd: name=linstor-controller-logs-janitor.timer state=restarted
diff --git a/roles/linstor_controller/tasks/install.yml b/roles/linstor_controller/tasks/install.yml
index da847e1..c25a64c 100644
--- a/roles/linstor_controller/tasks/install.yml
+++ b/roles/linstor_controller/tasks/install.yml
@@ -10,6 +10,8 @@
       [Service]
       #User=linstor-controller
       #Group=linstor-controller
+      # Empty the error database on startup, to prevent unbounded growth
+      ExecStartPre=/bin/rm -f /var/log/linstor-controller/error-report.mv.db
       PrivateDevices=yes
       ProtectSystem=full
       ProtectHome=yes
@@ -38,9 +40,18 @@
   when: linctl_ha
   tags: drbd
 
+- name: Install controller logs janitor
+  template: src=linstor-controller-logs-janitor.{{ item }}.j2 dest=/etc/systemd/system/linstor-controller-logs-janitor.{{ item }}
+  loop:
+    - service
+    - timer
+  notify: restart linstor-controller-logs-janitor
+  register: linctl_janitor_unit
+  tags: drbd
+
 - name: Reload systemd
   systemd: daemon_reload=True
-  when: linctl_unit.changed or (linctl_data_unit is defined and linctl_data_unit.changed)
+  when: linctl_unit.changed or (linctl_data_unit is defined and linctl_data_unit.changed) or linctl_janitor_unit.results | selectattr('changed','equalto',True) | list | length > 0
   tags: drbd
 
 - name: Install backup hooks
diff --git a/roles/linstor_controller/tasks/services.yml b/roles/linstor_controller/tasks/services.yml
index c3744cf..06db183 100644
--- a/roles/linstor_controller/tasks/services.yml
+++ b/roles/linstor_controller/tasks/services.yml
@@ -6,6 +6,10 @@
   register: linctl_started
   tags: drbd
 
+- name: Handle log janitor timer
+  systemd: name=linstor-controller-logs-janitor.timer state=started enabled=True
+  tags: drbd
+
 - when: linctl_ha
   block:
     - name: Ensure the service is disabled and managed by drbd-reactor
diff --git a/roles/linstor_controller/templates/linstor-controller-logs-janitor.service.j2 b/roles/linstor_controller/templates/linstor-controller-logs-janitor.service.j2
new file mode 100644
index 0000000..dceff50
--- /dev/null
+++ b/roles/linstor_controller/templates/linstor-controller-logs-janitor.service.j2
@@ -0,0 +1,8 @@
+[Unit]
+Description=Remove old Linstor controllers logs
+
+[Service]
+Type=oneshot
+PrivateTmp=yes
+ExecStart=/sbin/tmpwatch -m 5d /var/log/linstor-controller/
+TimeoutSec=30m
diff --git a/roles/linstor_controller/templates/linstor-controller-logs-janitor.timer.j2 b/roles/linstor_controller/templates/linstor-controller-logs-janitor.timer.j2
new file mode 100644
index 0000000..6394886
--- /dev/null
+++ b/roles/linstor_controller/templates/linstor-controller-logs-janitor.timer.j2
@@ -0,0 +1,9 @@
+[Unit]
+Description=Remove old Linstor controllers logs
+
+[Timer]
+OnCalendar=daily
+RandomizedDelaySec=5m
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/linstor_controller/templates/logrotate.j2 b/roles/linstor_controller/templates/logrotate.j2
index d4b048a..d30baf5 100644
--- a/roles/linstor_controller/templates/logrotate.j2
+++ b/roles/linstor_controller/templates/logrotate.j2
@@ -1,4 +1,4 @@
-/var/log/linstor/rest-access.log {
+/var/log/linstor-controller/rest-access.log {
   daily
   rotate 180
   compress