Commit 9169d999 authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

archwiki: use memcached for caching

Switch from apcu caching to memcached with 512 MiB so that we have a
sustained cached instead of a php-fpm worker based cache which has a
shorter lifetime of 2000 requests before the worker get's killed and
respawned.
parent d60d1f52
......@@ -41,7 +41,7 @@
mariadb_innodb_file_per_table: True, tags: ["mariadb"] }
- { role: sudo, tags: ['sudo'] }
- { role: uwsgi, tags: ['uwsgi'] }
- { role: php-fpm, php_extensions: ['apcu', 'bcmath', 'curl', 'gd', 'iconv', 'intl', 'mysqli', 'pdo_pgsql', 'pgsql', 'sockets', 'zip'], zend_extensions: ['opcache'], tags: ["php-fpm"] }
- { role: php-fpm, php_extensions: ['bcmath', 'curl', 'gd', 'iconv', 'intl', 'mysqli', 'pdo_pgsql', 'pgsql', 'sockets', 'zip'], zend_extensions: ['opcache'], tags: ["php-fpm"] }
- { role: memcached, tags: ['memcached'] }
- { role: archweb, tags: ["archweb"] }
- { role: security_tracker, security_tracker_domain: "security.archlinux.org", security_tracker_dir: "/srv/http/security-tracker", tags: ["security_tracker"] }
......
......@@ -168,7 +168,7 @@
when: archweb_services or archweb_pgp_import
- name: install archweb memcached service
template: src="archweb-memcached.service.j2" dest="/etc/systemd/system/archweb-memcached.service" owner=root group=root mode=0644
template: src="archweb-memcached.service.j2" dest="/etc/systemd/system/archwiki-memcached.service" owner=root group=root mode=0644
notify:
- daemon reload
when: archweb_site|bool
......
......@@ -7,6 +7,7 @@ archwiki_version: 'b8e35046ae4bb5e7a7bddf7f0f0f2f79f327f162'
archwiki_question_answer_file: '/srv/http/archwiki/registration-question-answer.txt'
archwiki_socket: '/run/php-fpm/archwiki.socket'
archwiki_memcached_socket: '/run/memcached/archwiki.sock'
archwiki_db: 'archwiki'
archwiki_db_host: 'localhost'
......
......@@ -5,7 +5,7 @@
when: 'archwiki_domain is defined'
- name: install packages
pacman: name=git,php-intl,php-apcu state=present
pacman: name=git,php-intl state=present
- name: make archwiki user
user: name="{{ archwiki_user }}" shell=/bin/false home="{{ archwiki_dir }}" createhome=no
......@@ -70,8 +70,8 @@
notify:
- restart php-fpm@{{ archwiki_user }}
- name: set php-apcu value
copy: src=20-apcu.ini dest=/etc/php/conf.d/20-apcu.ini
- name: install archwiki memcached service
template: src="archwiki-memcached.service.j2" dest="/etc/systemd/system/archwiki-memcached.service" owner=root group=root mode=0644
- name: start and enable systemd socket
service: name=php-fpm@{{ archwiki_user }}.socket state=started enabled=true
......@@ -87,6 +87,7 @@
- archwiki-prune-cache.service
- archwiki-prune-cache.timer
- archwiki-question-updater.service
- archwiki-memcached.service
- name: start and enable archwiki runjobs timer
service: name="archwiki-runjobs.timer" enabled=yes state=started
......@@ -100,5 +101,8 @@
- name: create question answer file
service: name=archwiki-question-updater.service state=started
- name: start and enable archwiki memcached
service: name=archwiki-memcached.service state=started
- name: ensure question answer file exists and set permissions
file: state=file path="{{archwiki_question_answer_file}}" owner=root group=root mode=0644
......@@ -51,3 +51,9 @@ $wgDebugLogFile = "/dev/null";
$wgDebugLogGroups = array(
'BounceHandler' => '/var/log/archwiki/bouncehandler.log',
);
# memcached settings
$wgMainCacheType = CACHE_MEMCACHED;
$wgParserCacheType = CACHE_MEMCACHED;
$wgMessageCacheType = CACHE_MEMCACHED;
$wgMemCachedServers = [ "unix://{{ archwiki_memcached_socket }}:0" ];
[Unit]
Description=Archwiki Memcached Daemon
After=network.target
[Service]
User={{ archwiki_user }}
Group=memcached
ExecStart=/usr/bin/memcached -s {{ archwiki_memcached_socket }} -m 512 -o modern
Restart=always
NoNewPrivileges=yes
PrivateTmp=yes
ProtectHome=true
PrivateDevices=yes
ProtectSystem=full
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
MemoryDenyWriteExecute=yes
[Install]
WantedBy=multi-user.target
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment