set nofile limits for the strfry user

This commit is contained in:
openoms 2024-09-03 08:36:41 +02:00
parent ff10d3a421
commit 6497ce90e4
No known key found for this signature in database
GPG key ID: 5BFB77609B081B65

View file

@ -3,7 +3,6 @@
# https://github.com/hoytech/strfry/commits/master/ # https://github.com/hoytech/strfry/commits/master/
VERSION="32a367738c6db7430780058c4a6c98b271af73b2" VERSION="32a367738c6db7430780058c4a6c98b271af73b2"
APPID=strfry
portTCP=7777 portTCP=7777
portSSL=7778 portSSL=7778
@ -17,19 +16,31 @@ fi
if [ "$1" = "on" ]; then if [ "$1" = "on" ]; then
sudo adduser --system --group --shell /bin/bash --home /home/${APPID} ${APPID} || exit 1 LIMITS=("strfry soft nofile 1000000" "strfry hard nofile 1000000")
# Loop through each limit
for LIMIT in "${LIMITS[@]}"; do
# Check if the limit already exists
if ! grep -q "$LIMIT" /etc/security/limits.conf; then
echo "$LIMIT" | sudo tee -a /etc/security/limits.conf >/dev/null
echo "Limit added: $LIMIT"
else
echo "Limit already exists: $LIMIT"
fi
done
sudo apt install -y git build-essential libyaml-perl libtemplate-perl libregexp-grammars-perl libssl-dev zlib1g-dev liblmdb-dev libflatbuffers-dev libsecp256k1-dev libzstd-dev ufw sudo adduser --system --group --shell /bin/bash --home /home/strfry strfry || exit 1
cd /home/${APPID} || exit 1 sudo apt install -y build-essential libyaml-perl libtemplate-perl libregexp-grammars-perl libssl-dev zlib1g-dev liblmdb-dev libflatbuffers-dev libsecp256k1-dev libzstd-dev
sudo -u ${APPID} git clone https://github.com/hoytech/strfry.git cd /home/strfry || exit 1
sudo -u strfry git clone https://github.com/hoytech/strfry.git
cd strfry || exit 1 cd strfry || exit 1
sudo -u ${APPID} git reset --hard ${VERSION} sudo -u strfry git reset --hard ${VERSION}
sudo -u ${APPID} git submodule update --init sudo -u strfry git submodule update --init
sudo -u ${APPID} make setup-golpe sudo -u strfry make setup-golpe
sudo -u ${APPID} make -j2 sudo -u strfry make -j2
sudo mkdir /mnt/hdd/app-storage/strfry-db sudo mkdir /mnt/hdd/app-storage/strfry-db
sudo chown strfry:strfry /mnt/hdd/app-storage/strfry-db sudo chown strfry:strfry /mnt/hdd/app-storage/strfry-db
@ -39,7 +50,7 @@ if [ "$1" = "on" ]; then
sudo mkdir -p /mnt/hdd/app-data/strfry sudo mkdir -p /mnt/hdd/app-data/strfry
sudo chown -R strfry:strfry /mnt/hdd/app-data/strfry sudo chown -R strfry:strfry /mnt/hdd/app-data/strfry
sudo chmod 755 /mnt/hdd/app-data/strfry sudo chmod 755 /mnt/hdd/app-data/strfry
sudo -u ${APPID} cp ./strfry.conf /mnt/hdd/app-data/strfry/strfry.conf sudo -u strfry cp ./strfry.conf /mnt/hdd/app-data/strfry/strfry.conf
# symlink # symlink
sudo ln -s /mnt/hdd/app-data/strfry/strfry.conf /etc/strfry.conf sudo ln -s /mnt/hdd/app-data/strfry/strfry.conf /etc/strfry.conf
@ -98,6 +109,8 @@ if [ "$1" = "off" ]; then
# Tor # Tor
/home/admin/config.scripts/tor.onion-service.sh strfry off /home/admin/config.scripts/tor.onion-service.sh strfry off
sudo userdel -rf strfry
# setting value in raspiblitz config # setting value in raspiblitz config
/home/admin/config.scripts/blitz.conf.sh set strfry "off" /home/admin/config.scripts/blitz.conf.sh set strfry "off"