From 0f391dbffbf8045b372b3ccf4318825a71398d1f Mon Sep 17 00:00:00 2001 From: boris runakov Date: Wed, 20 Apr 2022 13:02:17 +0300 Subject: [PATCH] use tmpfs if matrix_nginx_proxy_enabled --- roles/matrix-nginx-proxy/defaults/main.yml | 6 +++--- .../templates/nginx/conf.d/matrix-synapse.conf.j2 | 6 +++++- .../templates/systemd/matrix-nginx-proxy.service.j2 | 3 +++ 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index e1f30c13e..f7847835f 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -275,7 +275,7 @@ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_trusted_certificate: "{{ matr # The tmpfs at /tmp needs to be large enough to handle multiple concurrent file uploads. matrix_nginx_proxy_tmp_directory_size_mb: "{{ (matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb | int) * 50 }}" - +matrix_nginx_proxy_tmp_cache_directory_size_mb: "{{ (matrix_nginx_proxy_synapse_cache_max_size | int) * 2 }}" # A list of strings containing additional configuration blocks to add to the nginx server configuration (nginx.conf). # for big matrixservers to enlarge the number of open files to prevent timeouts # matrix_nginx_proxy_proxy_additional_configuration_blocks: @@ -559,11 +559,11 @@ matrix_nginx_proxy_synapse_frontend_proxy_locations: [] # synapse content caching matrix_nginx_proxy_synapse_cache_enabled: false -matrix_nginx_proxy_synapse_cache_path: "{{ matrix_nginx_proxy_base_path }}/data/cache" +matrix_nginx_proxy_synapse_cache_path: "{{ matrix_nginx_proxy_base_path+'/cache' if matrix_nginx_proxy_synapse_cache_enabled else '/tmp/cache' }}" matrix_nginx_proxy_synapse_cache_keys_zone_name: "STATIC" matrix_nginx_proxy_synapse_cache_keys_zone_size: "10m" matrix_nginx_proxy_synapse_cache_inactive_time: "48h" -matrix_nginx_proxy_synapse_cache_max_size: "1g" +matrix_nginx_proxy_synapse_cache_max_size: 1024 matrix_nginx_proxy_synapse_cache_proxy_cache_valid_time: "24h" diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index 5c70abdd5..95f365692 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -6,7 +6,11 @@ {% set frontend_proxy_workers = matrix_nginx_proxy_synapse_workers_list|selectattr('type', 'equalto', 'frontend_proxy')|list %} {% if matrix_nginx_proxy_synapse_workers_enabled %} {% if matrix_nginx_proxy_synapse_cache_enabled %} - proxy_cache_path {{ matrix_nginx_proxy_synapse_cache_path }} levels=1:2 keys_zone={{ matrix_nginx_proxy_synapse_cache_keys_zone_name }}:{{ matrix_nginx_proxy_synapse_cache_keys_zone_size }} inactive={{ matrix_nginx_proxy_synapse_cache_inactive_time }} max_size={{ matrix_nginx_proxy_synapse_cache_max_size }}; + proxy_cache_path {{ matrix_nginx_proxy_synapse_cache_path }} \ + levels=1:2 \ + keys_zone={{ matrix_nginx_proxy_synapse_cache_keys_zone_name }}:{{ matrix_nginx_proxy_synapse_cache_keys_zone_size }} \ + inactive={{ matrix_nginx_proxy_synapse_cache_inactive_time }} \ + max_size={{ matrix_nginx_proxy_synapse_cache_max_size }}m; {% endif %} # Round Robin "upstream" pools for workers diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 index 172a83bc9..64211cb86 100755 --- a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 +++ b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 @@ -22,6 +22,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \ --cap-drop=ALL \ --read-only \ --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_nginx_proxy_tmp_directory_size_mb }}m \ + {% if matrix_nginx_proxy_enabled and matrix_nginx_proxy_synapse_cache_enabled %} + --tmpfs=/tmp/cache:rw,noexec,nosuid,size={{ matrix_nginx_proxy_tmp_cache_directory_size_mb }}m\ + {% endif %} --network={{ matrix_docker_network }} \ {% if matrix_nginx_proxy_container_http_host_bind_port %} -p {{ matrix_nginx_proxy_container_http_host_bind_port }}:8080 \