|
|
|
|
|
|
64
|
keyserver_mail_subject_line=$"${PROJECT_NAME} keyserver warning"
|
64
|
keyserver_mail_subject_line=$"${PROJECT_NAME} keyserver warning"
|
|
65
|
keyserver_mail_subject_line_disabled=$"${PROJECT_NAME} keyserver disabled"
|
65
|
keyserver_mail_subject_line_disabled=$"${PROJECT_NAME} keyserver disabled"
|
|
66
|
read_config_param KEYSERVER_DOMAIN_NAME
|
66
|
read_config_param KEYSERVER_DOMAIN_NAME
|
|
|
|
67
|
+
|
|
|
|
68
|
+ # check database size hourly
|
|
67
|
keyserver_watchdog_script=/etc/cron.hourly/keyserver-watchdog
|
69
|
keyserver_watchdog_script=/etc/cron.hourly/keyserver-watchdog
|
|
68
|
echo '#!/bin/bash' > $keyserver_watchdog_script
|
70
|
echo '#!/bin/bash' > $keyserver_watchdog_script
|
|
69
|
echo "dirsize=\$(du /var/lib/sks/DB | awk -F ' ' '{print \$1}')" >> $keyserver_watchdog_script
|
71
|
echo "dirsize=\$(du /var/lib/sks/DB | awk -F ' ' '{print \$1}')" >> $keyserver_watchdog_script
|
|
|
|
|
|
|
80
|
echo 'fi' >> $keyserver_watchdog_script
|
82
|
echo 'fi' >> $keyserver_watchdog_script
|
|
81
|
|
83
|
|
|
82
|
chmod +x $keyserver_watchdog_script
|
84
|
chmod +x $keyserver_watchdog_script
|
|
|
|
85
|
+
|
|
|
|
86
|
+ # clear out log files daily
|
|
|
|
87
|
+ keyserver_watchdog_script=/etc/cron.daily/keyserver-db
|
|
|
|
88
|
+ echo '#!/bin/sh' > $keyserver_watchdog_script
|
|
|
|
89
|
+ echo 'if [ -d /var/lib/sks/DB ]; then' >> $keyserver_watchdog_script
|
|
|
|
90
|
+ echo ' cd /var/lib/sks/DB' >> $keyserver_watchdog_script
|
|
|
|
91
|
+ echo ' systemctl stop sks' >> $keyserver_watchdog_script
|
|
|
|
92
|
+ echo ' db_archive -d' >> $keyserver_watchdog_script
|
|
|
|
93
|
+ echo ' systemctl start sks' >> $keyserver_watchdog_script
|
|
|
|
94
|
+ echo 'fi' >> $keyserver_watchdog_script
|
|
|
|
95
|
+ chmod +x $keyserver_watchdog_script
|
|
83
|
}
|
96
|
}
|
|
84
|
|
97
|
|
|
85
|
|
98
|
|
|
|
|
|
|
|
668
|
echo ' rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
681
|
echo ' rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
|
669
|
echo ' rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
682
|
echo ' rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
|
670
|
echo '' >> $keyserver_nginx_site
|
683
|
echo '' >> $keyserver_nginx_site
|
|
|
|
684
|
+ echo ' location / {' >> $keyserver_nginx_site
|
|
|
|
685
|
+ function_check nginx_limits
|
|
|
|
686
|
+ nginx_limits $KEYSERVER_DOMAIN_NAME '128k'
|
|
|
|
687
|
+ echo ' }' >> $keyserver_nginx_site
|
|
|
|
688
|
+ echo '' >> $keyserver_nginx_site
|
|
671
|
echo ' location /pks {' >> $keyserver_nginx_site
|
689
|
echo ' location /pks {' >> $keyserver_nginx_site
|
|
672
|
echo ' proxy_pass http://127.0.0.1:11373;' >> $keyserver_nginx_site
|
690
|
echo ' proxy_pass http://127.0.0.1:11373;' >> $keyserver_nginx_site
|
|
673
|
echo ' proxy_pass_header Server;' >> $keyserver_nginx_site
|
691
|
echo ' proxy_pass_header Server;' >> $keyserver_nginx_site
|
|
674
|
echo " add_header Via \"1.1 $KEYSERVER_DOMAIN_NAME:11371 (nginx)\";" >> $keyserver_nginx_site
|
692
|
echo " add_header Via \"1.1 $KEYSERVER_DOMAIN_NAME:11371 (nginx)\";" >> $keyserver_nginx_site
|
|
675
|
echo ' proxy_ignore_client_abort on;' >> $keyserver_nginx_site
|
693
|
echo ' proxy_ignore_client_abort on;' >> $keyserver_nginx_site
|
|
676
|
echo ' client_max_body_size 8m;' >> $keyserver_nginx_site
|
694
|
echo ' client_max_body_size 8m;' >> $keyserver_nginx_site
|
|
|
|
695
|
+ echo ' client_body_buffer_size 128k;' >> $keyserver_nginx_site
|
|
677
|
echo ' }' >> $keyserver_nginx_site
|
696
|
echo ' }' >> $keyserver_nginx_site
|
|
678
|
echo '}' >> $keyserver_nginx_site
|
697
|
echo '}' >> $keyserver_nginx_site
|
|
679
|
echo '' >> $keyserver_nginx_site
|
698
|
echo '' >> $keyserver_nginx_site
|
|
|
|
|
|
|
715
|
echo ' rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
734
|
echo ' rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
|
716
|
echo ' rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
735
|
echo ' rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
|
717
|
echo '' >> $keyserver_nginx_site
|
736
|
echo '' >> $keyserver_nginx_site
|
|
|
|
737
|
+ echo ' location / {' >> $keyserver_nginx_site
|
|
|
|
738
|
+ function_check nginx_limits
|
|
|
|
739
|
+ nginx_limits $KEYSERVER_DOMAIN_NAME '128k'
|
|
|
|
740
|
+ echo ' }' >> $keyserver_nginx_site
|
|
|
|
741
|
+ echo '' >> $keyserver_nginx_site
|
|
718
|
echo ' location /pks {' >> $keyserver_nginx_site
|
742
|
echo ' location /pks {' >> $keyserver_nginx_site
|
|
719
|
echo " proxy_pass http://127.0.0.1:11373;" >> $keyserver_nginx_site
|
743
|
echo " proxy_pass http://127.0.0.1:11373;" >> $keyserver_nginx_site
|
|
720
|
echo ' proxy_pass_header Server;' >> $keyserver_nginx_site
|
744
|
echo ' proxy_pass_header Server;' >> $keyserver_nginx_site
|
|
721
|
echo " add_header Via \"1.1 $KEYSERVER_DOMAIN_NAME:11372 (nginx)\";" >> $keyserver_nginx_site
|
745
|
echo " add_header Via \"1.1 $KEYSERVER_DOMAIN_NAME:11372 (nginx)\";" >> $keyserver_nginx_site
|
|
722
|
echo ' proxy_ignore_client_abort on;' >> $keyserver_nginx_site
|
746
|
echo ' proxy_ignore_client_abort on;' >> $keyserver_nginx_site
|
|
723
|
echo ' client_max_body_size 8m;' >> $keyserver_nginx_site
|
747
|
echo ' client_max_body_size 8m;' >> $keyserver_nginx_site
|
|
|
|
748
|
+ echo ' client_body_buffer_size 128k;' >> $keyserver_nginx_site
|
|
724
|
echo ' }' >> $keyserver_nginx_site
|
749
|
echo ' }' >> $keyserver_nginx_site
|
|
725
|
echo '}' >> $keyserver_nginx_site
|
750
|
echo '}' >> $keyserver_nginx_site
|
|
726
|
echo '' >> $keyserver_nginx_site
|
751
|
echo '' >> $keyserver_nginx_site
|
|
|
|
|
|
|
756
|
echo ' rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
781
|
echo ' rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
|
757
|
echo ' rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
782
|
echo ' rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
|
758
|
echo '' >> $keyserver_nginx_site
|
783
|
echo '' >> $keyserver_nginx_site
|
|
|
|
784
|
+ echo ' location / {' >> $keyserver_nginx_site
|
|
|
|
785
|
+ function_check nginx_limits
|
|
|
|
786
|
+ nginx_limits $KEYSERVER_DOMAIN_NAME '128k'
|
|
|
|
787
|
+ echo ' }' >> $keyserver_nginx_site
|
|
|
|
788
|
+ echo '' >> $keyserver_nginx_site
|
|
759
|
echo ' location /pks {' >> $keyserver_nginx_site
|
789
|
echo ' location /pks {' >> $keyserver_nginx_site
|
|
760
|
echo " proxy_pass http://127.0.0.1:11373;" >> $keyserver_nginx_site
|
790
|
echo " proxy_pass http://127.0.0.1:11373;" >> $keyserver_nginx_site
|
|
761
|
echo ' proxy_pass_header Server;' >> $keyserver_nginx_site
|
791
|
echo ' proxy_pass_header Server;' >> $keyserver_nginx_site
|
|
762
|
echo " add_header Via \"1.1 $KEYSERVER_DOMAIN_NAME:$KEYSERVER_ONION_PORT (nginx)\";" >> $keyserver_nginx_site
|
792
|
echo " add_header Via \"1.1 $KEYSERVER_DOMAIN_NAME:$KEYSERVER_ONION_PORT (nginx)\";" >> $keyserver_nginx_site
|
|
763
|
echo ' proxy_ignore_client_abort on;' >> $keyserver_nginx_site
|
793
|
echo ' proxy_ignore_client_abort on;' >> $keyserver_nginx_site
|
|
764
|
echo ' client_max_body_size 8m;' >> $keyserver_nginx_site
|
794
|
echo ' client_max_body_size 8m;' >> $keyserver_nginx_site
|
|
|
|
795
|
+ echo ' client_body_buffer_size 128k;' >> $keyserver_nginx_site
|
|
765
|
echo ' }' >> $keyserver_nginx_site
|
796
|
echo ' }' >> $keyserver_nginx_site
|
|
766
|
echo '}' >> $keyserver_nginx_site
|
797
|
echo '}' >> $keyserver_nginx_site
|
|
767
|
|
798
|
|
Bob Mottram
7 年之前