From a875d7fe6a8dc50afbd8a08c99af1c724e85de4f Mon Sep 17 00:00:00 2001 From: Florent Daigniere Date: Thu, 12 Sep 2024 10:39:18 +0200 Subject: [PATCH] Fix #3450 --- core/admin/start.py | 2 +- core/base/libs/socrate/socrate/system.py | 1 + core/dovecot/conf/dovecot.conf | 18 ++++++++++++++++-- core/nginx/dovecot/proxy.conf | 22 ++++++++++++++++++++++ towncrier/newsfragments/3450.bugfix | 3 +++ 5 files changed, 43 insertions(+), 3 deletions(-) create mode 100644 towncrier/newsfragments/3450.bugfix diff --git a/core/admin/start.py b/core/admin/start.py index 9574bbb7..2fc8fb40 100755 --- a/core/admin/start.py +++ b/core/admin/start.py @@ -64,7 +64,7 @@ test_unsupported() cmdline = [ "gunicorn", - "--threads", f"{os.cpu_count()}", + "--threads", f"{CPU_COUNT}", # If SUBNET6 is defined, gunicorn must listen on IPv6 as well as IPv4 "-b", f"{'[::]' if os.environ.get('SUBNET6') else '0.0.0.0'}:8080", "--logger-class mailu.Logger", diff --git a/core/base/libs/socrate/socrate/system.py b/core/base/libs/socrate/socrate/system.py index c5046f4c..e9892325 100644 --- a/core/base/libs/socrate/socrate/system.py +++ b/core/base/libs/socrate/socrate/system.py @@ -141,6 +141,7 @@ def clean_env(): for item in os.environ.get('TLS', ALL_PORTS).split(','): if item in PORTS_REQUIRING_TLS: os.environ[f'TLS_{item}']='True' + os.environ['CPU_COUNT'] = str(os.cpu_count()) def drop_privs_to(username='mailu'): pwnam = getpwnam(username) diff --git a/core/dovecot/conf/dovecot.conf b/core/dovecot/conf/dovecot.conf index 9c92aca6..8ba0a8f2 100644 --- a/core/dovecot/conf/dovecot.conf +++ b/core/dovecot/conf/dovecot.conf @@ -89,8 +89,7 @@ plugin { service indexer-worker { executable = /bin/nice -n 10 /usr/libexec/dovecot/indexer-worker - # TODO: maybe MAXPROC? I guess it depends on how much RAM is available - process_limit = 1 + process_limit = {{ CPU_COUNT }} } ############### @@ -137,12 +136,22 @@ service imap-login { inet_listener imap { port = 143 } + service_count = 0 + client_limit = 25000 + process_min_avail = {{ CPU_COUNT }} + process_limit = {{ CPU_COUNT }} + vsz_limit = 256M } service pop3-login { inet_listener pop3 { port = 110 } + service_count = 0 + client_limit = 25000 + process_min_avail = {{ CPU_COUNT }} + process_limit = {{ CPU_COUNT }} + vsz_limit = 256M } ############### @@ -166,6 +175,11 @@ service managesieve-login { inet_listener sieve { port = 4190 } + service_count = 0 + client_limit = 25000 + process_min_avail = {{ CPU_COUNT }} + process_limit = {{ CPU_COUNT }} + vsz_limit = 256M } protocol sieve { diff --git a/core/nginx/dovecot/proxy.conf b/core/nginx/dovecot/proxy.conf index 8decfc77..d7fcbb0a 100644 --- a/core/nginx/dovecot/proxy.conf +++ b/core/nginx/dovecot/proxy.conf @@ -87,6 +87,11 @@ service managesieve-login { inet_listener sieve-webmail { port = 14190 } + service_count = 0 + client_limit = 25000 + process_min_avail = {{ CPU_COUNT }} + process_limit = {{ CPU_COUNT }} + vsz_limit = 256M } {% endif %} @@ -114,6 +119,11 @@ service imap-login { inet_listener imap-webmail { port = 10143 } + service_count = 0 + client_limit = 25000 + process_min_avail = {{ CPU_COUNT }} + process_limit = {{ CPU_COUNT }} + vsz_limit = 256M } service pop3-login { @@ -132,6 +142,11 @@ service pop3-login { {% endif %} } {% endif %} + service_count = 0 + client_limit = 25000 + process_min_avail = {{ CPU_COUNT }} + process_limit = {{ CPU_COUNT }} + vsz_limit = 256M } recipient_delimiter = {{ RECIPIENT_DELIMITER }} @@ -161,4 +176,11 @@ service submission-login { inet_listener submission-webmail { port = 10025 } + service_count = 0 + client_limit = 25000 + process_min_avail = {{ CPU_COUNT }} + process_limit = {{ CPU_COUNT }} + vsz_limit = 256M } + +!include_try /overrides/dovecot.conf diff --git a/towncrier/newsfragments/3450.bugfix b/towncrier/newsfragments/3450.bugfix new file mode 100644 index 00000000..ec92e429 --- /dev/null +++ b/towncrier/newsfragments/3450.bugfix @@ -0,0 +1,3 @@ +Ensure we can do more than 100 parallel sessions. +Make use of all CPUs available for indexing +Allow dovecot's config to be overriden in front too