From daceff4914bbe2ca9d732a8ba677f67907fa1149 Mon Sep 17 00:00:00 2001 From: tituspijean Date: Sun, 18 Sep 2022 23:44:59 +0200 Subject: [PATCH 1/2] Add LimitNOFILE to service conf --- conf/systemd.service | 1 + 1 file changed, 1 insertion(+) diff --git a/conf/systemd.service b/conf/systemd.service index e961638..9d09edc 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -10,6 +10,7 @@ WorkingDirectory=__FINALPATH__/ ExecStart=__FINALPATH__/bin/dendrite-monolith-server --tls-cert=/etc/yunohost/certs/__DOMAIN__/crt.pem --tls-key=/etc/yunohost/certs/__DOMAIN__/key.pem --config=dendrite.yaml --http-bind-address=:__PORT__ --https-bind-address=:__TLS_PORT__ __REALLY_ENABLE_OPEN_REGISTRATION__ StandardOutput=append:/var/log/__APP__/__APP__.log StandardError=inherit +LimitNOFILE=65535 # Sandboxing options to harden security # Depending on specificities of your service/app, you may need to tweak these From 6a69cd6e55030a6882524efa947609ecacc02e52 Mon Sep 17 00:00:00 2001 From: tituspijean Date: Sun, 18 Sep 2022 23:46:00 +0200 Subject: [PATCH 2/2] Enable DNS cache --- conf/dendrite.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/conf/dendrite.yaml b/conf/dendrite.yaml index 5e02c0b..e5ce76e 100644 --- a/conf/dendrite.yaml +++ b/conf/dendrite.yaml @@ -116,12 +116,12 @@ global: # if there is no local caching resolver available for use. dns_cache: # Whether or not the DNS cache is enabled. - enabled: false + enabled: true # Maximum number of entries to hold in the DNS cache, and # for how long those items should be considered valid in seconds. - cache_size: 256 - cache_lifetime: "5m" # 5minutes; see https://pkg.go.dev/time@master#ParseDuration for more + cache_size: 4096 + cache_lifetime: "10m" # 5minutes; see https://pkg.go.dev/time@master#ParseDuration for more # Configuration for the Appservice API. app_service_api: