From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-4.0 required=3.0 tests=ALL_TRUSTED,BAYES_00 shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id 17843205C1 for ; Tue, 12 Mar 2019 04:00:47 +0000 (UTC) From: Eric Wong To: meta@public-inbox.org Subject: [PATCH 12/13] cgit: use a dedicated named limiter Date: Tue, 12 Mar 2019 04:00:45 +0000 Message-Id: <20190312040046.4619-13-e@80x24.org> In-Reply-To: <20190312040046.4619-1-e@80x24.org> References: <20190312040046.4619-1-e@80x24.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: I mainly need this to enforce RLIMIT_CPU (and RLIMIT_CORE) when requests come which generate giant, unrealistic diffs. Per-coderepo limiters may be added in the future. But for now, I need to prevent cgit from monopolizing resources on my dinky server. --- Documentation/public-inbox-config.pod | 4 ++++ lib/PublicInbox/Cgit.pm | 3 ++- lib/PublicInbox/Config.pm | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/Documentation/public-inbox-config.pod b/Documentation/public-inbox-config.pod index dae6998..d6ecd08 100644 --- a/Documentation/public-inbox-config.pod +++ b/Documentation/public-inbox-config.pod @@ -231,6 +231,10 @@ the default limiter. C keys may be set to enforce resource limits for a particular limiter. +Default named-limiters are prefixed with "-". Currently, +the "-cgit" named limiter is reserved for instances spawning +cgit via C + =over 8 =item publicinboxlimiter..max diff --git a/lib/PublicInbox/Cgit.pm b/lib/PublicInbox/Cgit.pm index 3d1a0d5..9ba9e14 100644 --- a/lib/PublicInbox/Cgit.pm +++ b/lib/PublicInbox/Cgit.pm @@ -77,7 +77,8 @@ sub call { my $rdr = input_prepare($env) or return r(500); my $qsp = PublicInbox::Qspawn->new($self->{cmd}, $cgi_env, $rdr); - $qsp->psgi_return($env, undef, sub { + my $limiter = $self->{pi_config}->limiter('-cgit'); + $qsp->psgi_return($env, $limiter, sub { my ($r, $bref) = @_; my $res = parse_cgi_headers($r, $bref) or return; # incomplete $res; diff --git a/lib/PublicInbox/Config.pm b/lib/PublicInbox/Config.pm index 0f7485f..06e6215 100644 --- a/lib/PublicInbox/Config.pm +++ b/lib/PublicInbox/Config.pm @@ -132,7 +132,7 @@ sub limiter { my ($self, $name) = @_; $self->{-limiters}->{$name} ||= do { require PublicInbox::Qspawn; - my $max = $self->{"publicinboxlimiter.$name.max"}; + my $max = $self->{"publicinboxlimiter.$name.max"} || 1; my $limiter = PublicInbox::Qspawn::Limiter->new($max); $limiter->setup_rlimit($name, $self); $limiter; -- EW