From: openbsd@systemfailure.net Subject: Re: net/i2pd: move login.conf(5) bits from README to i2pd.login To: Klemens Nanni ,ports@openbsd.org Cc: Theo Buehler Date: Mon, 29 Jan 2024 21:52:50 +0000 I'm globally OK with your proposal, which is fine for most users, but IMHO it would be nice to tell people running floodfills (a not-so-uncommon use case) in the README that they should raise the max file limits even more. I hope the attached patch, with a rephrased README, is clearer... Thank you and best regards. On Sunday, January 28th, 2024 at 7:52 PM, Klemens Nanni wrote: > On Sun, Jan 28, 2024 at 06:15:52PM +0000, Stuart Henderson wrote: > > > On 2024/01/27 21:54, openbsd@systemfailure.net wrote: > > > > > According to i2pd's online documentation [1], the maximum number of open file descriptors is 4096 for a regular node, and 8192 for a floodfill [2]. > > > > > > I have never measured how many FDs i2pd is really using, but this software for sure needs a lot of them. > > > > > > So I guess we can set 4096 as default value, and inform users in the README file that this value should be raised to 8192 for floodfills. > > > > 4096 doesn't seem too unreasonable, it's below default levels of > > kern.maxfiles, so if that's enough for the software I'd be happy with > > setting that in a login.conf.d file. > > > Thanks for all you feedback. > OK? > > > Index: Makefile > =================================================================== > RCS file: /cvs/ports/net/i2pd/Makefile,v > diff -u -p -r1.22 Makefile > --- Makefile 13 Jan 2024 16:21:39 -0000 1.22 > +++ Makefile 24 Jan 2024 22:21:26 -0000 > @@ -3,6 +3,7 @@ COMMENT = client for the I2P anonymous n > GH_ACCOUNT = PurpleI2P > GH_PROJECT = i2pd > GH_TAGNAME = 2.50.2 > +REVISION = 0 > > CATEGORIES = net > HOMEPAGE = https://i2pd.website > Index: pkg/PLIST > =================================================================== > RCS file: /cvs/ports/net/i2pd/pkg/PLIST,v > diff -u -p -r1.12 PLIST > --- pkg/PLIST 20 Dec 2023 22:19:44 -0000 1.12 > +++ pkg/PLIST 24 Jan 2024 22:30:37 -0000 > @@ -237,3 +237,7 @@ share/examples/i2pd/tunnels.conf > @owner _i2pd > @group _i2pd > @sample ${SYSCONFDIR}/i2pd/tunnels.conf > +@owner > +@group > +share/examples/login.conf.d/i2pd > +@sample ${SYSCONFDIR}/login.conf.d/i2pd > Index: pkg/README > =================================================================== > RCS file: /cvs/ports/net/i2pd/pkg/README,v > diff -u -p -r1.3 README > --- pkg/README 8 Nov 2022 12:41:42 -0000 1.3 > +++ pkg/README 28 Jan 2024 19:51:52 -0000 > @@ -5,20 +5,7 @@ > Resource Limits: File Descriptors > ================================= > > -By default, the i2pd process runs in the login(1) class of "daemon". > -The default limits on file descriptors are insufficient to run i2pd; instead you > -should put the _i2pd user and process in their own login(1) class with tuned > -resources. > -You should also raise the system-wide maxfiles limit. > +You should raise the system-wide maxfiles limit: > > -1. Configure i2pd login class in the login.conf(5) file: > - > - i2pd:\ > - :openfiles-cur=8192:\ > - :openfiles-max=8192:\ > - :tc=daemon: > - > -2. Adjust kern.maxfiles, if needed: > - > - # sysctl kern.maxfiles=16000 > - # echo "kern.maxfiles=16000" >> /etc/sysctl.conf > > + # sysctl kern.maxfiles=8192 > + # echo "kern.maxfiles=8192" >> /etc/sysctl.conf > > Index: pkg/i2pd.login > =================================================================== > RCS file: pkg/i2pd.login > diff -N pkg/i2pd.login > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ pkg/i2pd.login 28 Jan 2024 19:51:32 -0000 > @@ -0,0 +1,4 @@ > +i2pd:\ > + :openfiles-cur=4096:\ > + :openfiles-max=4096:\ > + :tc=daemon: Index: Makefile =================================================================== RCS file: /cvs/ports/net/i2pd/Makefile,v diff -u -p -r1.22 Makefile --- Makefile 13 Jan 2024 16:21:39 -0000 1.22 +++ Makefile 29 Jan 2024 21:33:59 -0000 @@ -3,6 +3,7 @@ COMMENT = client for the I2P anonymous n GH_ACCOUNT = PurpleI2P GH_PROJECT = i2pd GH_TAGNAME = 2.50.2 +REVISION = 0 CATEGORIES = net HOMEPAGE = https://i2pd.website Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/net/i2pd/pkg/PLIST,v diff -u -p -r1.12 PLIST --- pkg/PLIST 20 Dec 2023 22:19:44 -0000 1.12 +++ pkg/PLIST 29 Jan 2024 21:33:59 -0000 @@ -237,3 +237,7 @@ share/examples/i2pd/tunnels.conf @owner _i2pd @group _i2pd @sample ${SYSCONFDIR}/i2pd/tunnels.conf +@owner +@group +share/examples/login.conf.d/i2pd +@sample ${SYSCONFDIR}/login.conf.d/i2pd Index: pkg/README =================================================================== RCS file: /cvs/ports/net/i2pd/pkg/README,v diff -u -p -r1.3 README --- pkg/README 8 Nov 2022 12:41:42 -0000 1.3 +++ pkg/README 29 Jan 2024 21:33:59 -0000 @@ -5,20 +5,22 @@ Resource Limits: File Descriptors ================================= -By default, the i2pd process runs in the login(1) class of "daemon". -The default limits on file descriptors are insufficient to run i2pd; instead you -should put the _i2pd user and process in their own login(1) class with tuned -resources. -You should also raise the system-wide maxfiles limit. - -1. Configure i2pd login class in the login.conf(5) file: - - i2pd:\ - :openfiles-cur=8192:\ - :openfiles-max=8192:\ - :tc=daemon: +${PKGSTEM} needs to open a lot of file descriptors. -2. Adjust kern.maxfiles, if needed: +For a regular node, you should raise the system-wide maxfiles limit to +8192: + + # sysctl kern.maxfiles=8192 + # echo "kern.maxfiles=8192" >> /etc/sysctl.conf + +If you intend to run a floodfill, you should raise this limit even more: # sysctl kern.maxfiles=16000 # echo "kern.maxfiles=16000" >> /etc/sysctl.conf + +and also edit /etc/login.conf.d/i2pd: + + i2pd:\ + :openfiles-cur=8192:\ + :openfiles-max=8192:\ + :tc=daemon: