Merge branch 'stretch' of https://github.com/bashrc/freedombone

src/freedombone-app-ghost

@@ -1,4 +1,4 @@
-emacs#!/bin/bash
+#!/bin/bash
 #
 # .---.                  .              .
 # |                      |              |

src/freedombone-app-keyserver

@@ -64,6 +64,8 @@ function keyserver_watchdog {
     keyserver_mail_subject_line=$"${PROJECT_NAME} keyserver warning"
     keyserver_mail_subject_line_disabled=$"${PROJECT_NAME} keyserver disabled"
     read_config_param KEYSERVER_DOMAIN_NAME
+
+    # check database size hourly
     keyserver_watchdog_script=/etc/cron.hourly/keyserver-watchdog
     echo '#!/bin/bash' > $keyserver_watchdog_script
     echo "dirsize=\$(du /var/lib/sks/DB | awk -F ' ' '{print \$1}')" >> $keyserver_watchdog_script
@@ -80,6 +82,17 @@ function keyserver_watchdog {
     echo 'fi' >> $keyserver_watchdog_script
 
     chmod +x $keyserver_watchdog_script
+
+    # clear out log files daily
+    keyserver_watchdog_script=/etc/cron.daily/keyserver-db
+    echo '#!/bin/sh' > $keyserver_watchdog_script
+    echo 'if [ -d /var/lib/sks/DB ]; then' >> $keyserver_watchdog_script
+    echo '    cd /var/lib/sks/DB' >> $keyserver_watchdog_script
+    echo '    systemctl stop sks' >> $keyserver_watchdog_script
+    echo '    db_archive -d' >> $keyserver_watchdog_script
+    echo '    systemctl start sks' >> $keyserver_watchdog_script
+    echo 'fi' >> $keyserver_watchdog_script
+    chmod +x $keyserver_watchdog_script
 }
 
 
@@ -668,12 +681,18 @@ function install_keyserver {
         echo '  rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
         echo '  rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
         echo '' >> $keyserver_nginx_site
+        echo '  location / {' >> $keyserver_nginx_site
+        function_check nginx_limits
+        nginx_limits $KEYSERVER_DOMAIN_NAME '128k'
+        echo '  }' >> $keyserver_nginx_site
+        echo '' >> $keyserver_nginx_site
         echo '  location /pks {' >> $keyserver_nginx_site
         echo '    proxy_pass         http://127.0.0.1:11373;' >> $keyserver_nginx_site
         echo '    proxy_pass_header  Server;' >> $keyserver_nginx_site
         echo "    add_header         Via \"1.1 $KEYSERVER_DOMAIN_NAME:11371 (nginx)\";" >> $keyserver_nginx_site
         echo '    proxy_ignore_client_abort on;' >> $keyserver_nginx_site
         echo '    client_max_body_size 8m;' >> $keyserver_nginx_site
+        echo '    client_body_buffer_size 128k;' >> $keyserver_nginx_site
         echo '  }' >> $keyserver_nginx_site
         echo '}' >> $keyserver_nginx_site
         echo '' >> $keyserver_nginx_site
@@ -715,12 +734,18 @@ function install_keyserver {
         echo '  rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
         echo '  rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
         echo '' >> $keyserver_nginx_site
+        echo '  location / {' >> $keyserver_nginx_site
+        function_check nginx_limits
+        nginx_limits $KEYSERVER_DOMAIN_NAME '128k'
+        echo '  }' >> $keyserver_nginx_site
+        echo '' >> $keyserver_nginx_site
         echo '  location /pks {' >> $keyserver_nginx_site
         echo "    proxy_pass         http://127.0.0.1:11373;" >> $keyserver_nginx_site
         echo '    proxy_pass_header  Server;' >> $keyserver_nginx_site
         echo "    add_header         Via \"1.1 $KEYSERVER_DOMAIN_NAME:11372 (nginx)\";" >> $keyserver_nginx_site
         echo '    proxy_ignore_client_abort on;' >> $keyserver_nginx_site
         echo '    client_max_body_size 8m;' >> $keyserver_nginx_site
+        echo '    client_body_buffer_size 128k;' >> $keyserver_nginx_site
         echo '  }' >> $keyserver_nginx_site
         echo '}' >> $keyserver_nginx_site
         echo '' >> $keyserver_nginx_site
@@ -756,12 +781,18 @@ function install_keyserver {
     echo '  rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
     echo '  rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
     echo '' >> $keyserver_nginx_site
+    echo '  location / {' >> $keyserver_nginx_site
+    function_check nginx_limits
+    nginx_limits $KEYSERVER_DOMAIN_NAME '128k'
+    echo '  }' >> $keyserver_nginx_site
+    echo '' >> $keyserver_nginx_site
     echo '  location /pks {' >> $keyserver_nginx_site
     echo "    proxy_pass         http://127.0.0.1:11373;" >> $keyserver_nginx_site
     echo '    proxy_pass_header  Server;' >> $keyserver_nginx_site
     echo "    add_header         Via \"1.1 $KEYSERVER_DOMAIN_NAME:$KEYSERVER_ONION_PORT (nginx)\";" >> $keyserver_nginx_site
     echo '    proxy_ignore_client_abort on;' >> $keyserver_nginx_site
     echo '    client_max_body_size 8m;' >> $keyserver_nginx_site
+    echo '    client_body_buffer_size 128k;' >> $keyserver_nginx_site
     echo '  }' >> $keyserver_nginx_site
     echo '}' >> $keyserver_nginx_site
 

src/freedombone-upgrade

@@ -70,7 +70,9 @@ update-ca-certificates
 # remove any keyserver log files
 if [ -d /var/lib/sks/DB ]; then
     cd /var/lib/sks/DB
+    systemctl stop sks
     db_archive -d
+    systemctl start sks
 fi
 
 if [ ! -d $PROJECT_DIR ]; then