myron/do-server-config
1
0
Fork 0
mirror of https://github.com/myronblair/do-server-config synced 2026-06-30 17:50:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

config: raise LSAPI children limit 10→25 on JARVIS vhost and global handler

Browse Source 
Deadlocked twice today (2026-06-17) under AutoSSL + concurrent load.
jarvis.orbishosting.com extProcessor jarvi5150: maxConns 10→25,
LSAPI_CHILDREN 10→25. Global lsphp handler: same.
With ~40MB/worker and 1.1GB free RAM, 25 workers peaks at ~1GB.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
DO Server Backup
2026-06-17 19:21:50 +00:00
parent 3498da51b2
commit 5eea81e40f
2 changed files with 441 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
infra/httpd_config.conf
Executable
+439
View File
@@ -0,0 +1,439 @@
#
# PLAIN TEXT CONFIGURATION FILE
#
# If not set, will use host name as serverName
serverName
user nobody
group nogroup
priority 0
autoRestart 1
chrootPath /
enableChroot 0
inMemBufSize 60M
swappingDir /tmp/lshttpd/swap
autoFix503 1
gracefulRestartTimeout 300
mime conf/mime.properties
showVersionNumber 0
adminEmails root@localhost
autoSSL 1
acmeEmail admin@cyberpanel.net
indexFiles index.html, index.php
disableWebAdmin 0
errorlog logs/error.log {
logLevel DEBUG
debugLevel 0
rollingSize 10M
enableStderrLog 1
}
accessLog logs/access.log {
rollingSize 10M
keepDays 30
compressArchive 0
logReferer 1
logUserAgent 1
}
expires {
enableExpires 1
expiresByType image/*=A604800,text/css=A604800,application/x-javascript=A604800,application/javascript=A604800,font/*=A604800,application/x-font-ttf=A604800
}
tuning{
maxConnections 10000
maxSSLConnections 10000
connTimeout 300
maxKeepAliveReq 10000
smartKeepAlive 0
keepAliveTimeout 5
sndBufSize 0
rcvBufSize 0
gzipStaticCompressLevel 6
gzipMaxFileSize 10M
eventDispatcher best
maxCachedFileSize 4096
totalInMemCacheSize 20M
maxMMapFileSize 256K
totalMMapCacheSize 40M
useSendfile 1
fileETag 28
SSLCryptoDevice null
maxReqURLLen 32768
maxReqHeaderSize 65536
maxReqBodySize 2047M
maxDynRespHeaderSize 32768
maxDynRespSize 2047M
enableGzipCompress 1
enableBrCompress 4
enableDynGzipCompress 1
gzipCompressLevel 6
brStaticCompressLevel 6
compressibleTypes default
gzipAutoUpdateStatic 1
gzipMinFileSize 300
quicEnable 1
quicShmDir /dev/shm
}
accessDenyDir{
dir /
dir /etc/*
dir /dev/*
dir conf/*
dir admin/conf/*
}
fileAccessControl{
followSymbolLink 1
checkSymbolLink 0
requiredPermissionMask 000
restrictedPermissionMask 000
}
perClientConnLimit{
staticReqPerSec 0
dynReqPerSec 0
outBandwidth 0
inBandwidth 0
softLimit 10000
hardLimit 10000
gracePeriod 15
banPeriod 300
}
CGIRLimit{
maxCGIInstances 20
minUID 11
minGID 10
priority 0
CPUSoftLimit 10
CPUHardLimit 50
memSoftLimit 2047M
memHardLimit 2047M
procSoftLimit 400
procHardLimit 450
}
accessControl{
allow ALL
deny
}
extProcessor lsphp{
type lsapi
address uds://tmp/lshttpd/lsphp.sock
maxConns 25
env PHP_LSAPI_CHILDREN=25
env LSAPI_AVOID_FORK=200M
initTimeout 60
retryTimeout 0
persistConn 1
pcKeepAliveTimeout
respBuffer 0
autoStart 1
path lsphp83/bin/lsphp
backlog 100
instances 1
priority 0
memSoftLimit 0
memHardLimit 0
procSoftLimit 1400
procHardLimit 1500
}
scriptHandler{
add lsapi:lsphp php
}
railsDefaults{
binPath
railsEnv 1
maxConns 1
env LSAPI_MAX_IDLE=60
initTimeout 60
retryTimeout 0
pcKeepAliveTimeout 60
respBuffer 0
backlog 50
runOnStartUp 3
extMaxIdleTime 300
priority 3
memSoftLimit 0
memHardLimit 0
procSoftLimit 500
procHardLimit 600
}
wsgiDefaults{
binPath
railsEnv 1
maxConns 5
env LSAPI_MAX_IDLE=60
initTimeout 60
retryTimeout 0
pcKeepAliveTimeout 60
respBuffer 0
backlog 50
runOnStartUp 3
extMaxIdleTime 300
priority 3
memSoftLimit 0
memHardLimit 0
procSoftLimit 500
procHardLimit 600
}
nodeDefaults{
binPath
railsEnv 1
maxConns 5
env LSAPI_MAX_IDLE=60
initTimeout 60
retryTimeout 0
pcKeepAliveTimeout 60
respBuffer 0
backlog 50
runOnStartUp 3
extMaxIdleTime 300
priority 3
memSoftLimit 0
memHardLimit 0
procSoftLimit 500
procHardLimit 600
}
virtualHost Example{
vhRoot Example/
allowSymbolLink 1
enableScript 1
restrained 1
maxKeepAliveReq
smartKeepAlive
setUIDMode 0
chrootMode 0
configFile conf/vhosts/Example/vhconf.conf
}
listener Default{
map mail.jarvis.orbishosting.com mail.jarvis.orbishosting.com
map jarvis.orbishosting.com jarvis.orbishosting.com
map orbis.orbishosting.com orbis.orbishosting.com
map mail.parkerslingshotrentals.com mail.parkerslingshotrentals.com
map parkerslingshotrentals.com parkerslingshotrentals.com
map mail.tomsjavajive.com mail.tomsjavajive.com
map tomsjavajive.com tomsjavajive.com
map mail.epictravelexpeditions.com mail.epictravelexpeditions.com
map epictravelexpeditions.com epictravelexpeditions.com
map mail.orbishosting.com mail.orbishosting.com
map orbishosting.com orbishosting.com
map mail.tomtomgames.com mail.tomtomgames.com
map tomtomgames.com tomtomgames.com
address *:80
secure 0
}
vhTemplate centralConfigLog{
templateFile conf/templates/ccl.conf
listeners Default
}
vhTemplate EasyRailsWithSuEXEC{
templateFile conf/templates/rails.conf
listeners Default
}
module cache {
ls_enabled 1
checkPrivateCache 1
checkPublicCache 1
maxCacheObjSize 10000000
maxStaleAge 200
qsCache 1
reqCookieCache 1
respCookieCache 1
ignoreReqCacheCtrl 1
ignoreRespCacheCtrl 0
enableCache 0
expireInSeconds 3600
enablePrivateCache 0
privateExpireInSeconds 3600
}
module cyberpanel_ols {
ls_enabled 1
}
virtualHost tomtomgames.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
listener SSL {
map mail.jarvis.orbishosting.com mail.jarvis.orbishosting.com
map jarvis.orbishosting.com jarvis.orbishosting.com
map mail.tomtomgames.com mail.tomtomgames.com
map orbis.orbishosting.com orbis.orbishosting.com
map mail.parkerslingshotrentals.com mail.parkerslingshotrentals.com
map parkerslingshotrentals.com parkerslingshotrentals.com
map mail.tomsjavajive.com mail.tomsjavajive.com
map tomsjavajive.com tomsjavajive.com
map mail.epictravelexpeditions.com mail.epictravelexpeditions.com
map epictravelexpeditions.com epictravelexpeditions.com
map mail.orbishosting.com mail.orbishosting.com
map orbishosting.com orbishosting.com
address *:443
secure 1
keyFile /etc/letsencrypt/live/tomtomgames.com/privkey.pem
certFile /etc/letsencrypt/live/tomtomgames.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
map tomtomgames.com tomtomgames.com
}
virtualHost mail.tomtomgames.com {
vhRoot /home/tomtomgames.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
listener SSL IPv6 {
map mail.jarvis.orbishosting.com mail.jarvis.orbishosting.com
map jarvis.orbishosting.com jarvis.orbishosting.com
map mail.tomtomgames.com mail.tomtomgames.com
map orbis.orbishosting.com orbis.orbishosting.com
map mail.parkerslingshotrentals.com mail.parkerslingshotrentals.com
map parkerslingshotrentals.com parkerslingshotrentals.com
map mail.tomsjavajive.com mail.tomsjavajive.com
map tomsjavajive.com tomsjavajive.com
map mail.epictravelexpeditions.com mail.epictravelexpeditions.com
map epictravelexpeditions.com epictravelexpeditions.com
map mail.orbishosting.com mail.orbishosting.com
map orbishosting.com orbishosting.com
address [ANY]:443
secure 1
keyFile /etc/letsencrypt/live/mail.tomtomgames.com/privkey.pem
certFile /etc/letsencrypt/live/mail.tomtomgames.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
map mail.tomtomgames.com mail.tomtomgames.com
}
virtualHost orbishosting.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
virtualHost mail.orbishosting.com {
vhRoot /home/orbishosting.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
virtualHost epictravelexpeditions.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
virtualHost mail.epictravelexpeditions.com {
vhRoot /home/epictravelexpeditions.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
virtualHost tomsjavajive.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
virtualHost mail.tomsjavajive.com {
vhRoot /home/tomsjavajive.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
module mod_security {
modsecurity on
modsecurity_rules `
SecDebugLogLevel 0
SecDebugLog /usr/local/lsws/logs/modsec.log
SecAuditEngine on
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
SecAuditLogParts AFH
SecAuditLogType Serial
SecAuditLog /usr/local/lsws/logs/auditmodsec.log
SecRuleEngine On
`
modsecurity_rules_file /usr/local/lsws/conf/modsec/rules.conf
}
virtualHost parkerslingshotrentals.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
virtualHost mail.parkerslingshotrentals.com {
vhRoot /home/parkerslingshotrentals.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
virtualHost orbis.orbishosting.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
virtualHost jarvis.orbishosting.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
virtualHost mail.jarvis.orbishosting.com {
vhRoot /home/jarvis.orbishosting.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
allowSymbolLink 1
enableScript 1
restrained 1
}
ols-vhosts/jarvis.orbishosting.com/vhost.conf
+2 -2
View File
@@ -33,8 +33,8 @@ scripthandler {
extprocessor jarvi5150 {
type lsapi
address UDS://tmp/lshttpd/jarvi5150.sock
maxConns 10
env LSAPI_CHILDREN=10
maxConns 25
env LSAPI_CHILDREN=25
initTimeout 600
retryTimeout 0
persistConn 1