about summary refs log tree commit homepage
path: root/examples/public-inbox-nntpd@.service
DateCommit message (Collapse)
2024-04-22doc: strongly recommend MALLOC_MMAP_THRESHOLD_=131072 for glibc
The 131072 byte lower bound was the old default before the sliding mmap window was introduced in modern glibc malloc. While the sliding mmap window was intended to be faster by reducing syscalls, zeroing and kernel overhead, it is also prone to fragmentation from allocation patterns seen in evented Perl servers. Individual allocations over 128K are rare in our codebase since there aren't many messages this large, making any performance impact tiny. Furthermore, the reduction in fragmentation and memory use will be a speedup for memory-constrained systems since they can avoid swap and have more leftover for the page cache.
2023-10-28examples/*.service: avoid `nobody' user on systemd
systemd complains about `User=nobody' since `nobody' has access to all files which can't be mapped to a valid UID. We'll also switch to `Group=ssl-cert' since that ought to be able to read TLS certificates.
2023-02-22examples: remove `Standard{Error,Output} = syslog' lines
systemd (247.3-7+deb11u1 on Debian 11.x) considers them "obsolete" and emits the following to my syslog: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether. So we'll remove it altogether, as I'm sticking with rsyslog for now.
2022-08-11examples: add systemd files for -netd
It's important show that a single systemd service and socket file can replace all other read-only daemons for ease-of-management.
2022-08-11examples: consolidate systemd socket examples
systemd.socket(5) files can actually contain multiple listen sockets, so shave down inode overhead and simplify config file management by consolidating all applicable ports into a single file for each daemon.
2019-09-14doc: update nntpd with NNTPS and STARTTLS examples
NNTPS and STARTTLS seems to be working for several months without incident on news.public-inbox.org, so consider it a success and maybe others can try using it. HTTPS technically works, too, but isn't documented at the moment since I can't recommend production deployments without varnish protecting it.
2019-06-30examples/*@.service: sockets MUST be NonBlocking
For users running multiple (-nntpd@1, -nntpd@2) instances of either -httpd or -nntpd via systemd to implement zero-downtime restarts; it's possible for a listen socket to become blocking for a moment during an accept syscall and cause a daemons to get stuck in a blocking accept() during PublicInbox::Listener::event_step (event_read in previous versions). Since O_NONBLOCK is a file description flag, systemd clearing O_NONBLOCK momentarily (before PublicInbox::Listener::new re-enables it) creates a window for another instance of our daemon to get stuck in accept(). cf. systemd.service(5)
2016-07-08examples: minimize differences for systemd examples
Our nntpd and httpd are similar so configuration differences should be minimized
2016-06-19examples/*@.service: wait one day for graceful shutdown
Because sometimes folks will want to download gigantic mboxes or make large clones over Tor which are not resume-friendly. Note: the timeout logic in nntpd is somewhat over-aggressive and can break some large slrnpulls. This ought to be easily recoverable on the client-side, though, since it's based on per-message fetches.
2016-06-13doc: systemd examples should only kill one process
For our daemons, killing only the master process is enough. Killing the entire control group (as done by default in systemd) may cause subprocesses such as git to shut down unexpectedly. Having systemd kill workers directly will also cause an immediate shutdown since the master would've already signaled the workers; and workers will die after two shutdown requests.
2016-06-13examples: systemd socket and service definitions for daemons
Since our daemons are built to take advantage of socket activation, provide example files to allow systems administrators to hit the ground running with systemd. Example init files for other systems greatly appreciated.