Commit Graph

8865 Commits

Author SHA1 Message Date
Girish Ramakrishnan
b4e4f26361 Rework cpuShares into cpuQuota
cpuShares is the relative weight wrt other apps. This is used when
there is contention for CPU. If we want this, maybe we implement
a UI where we show all the apps and let the user re-order them.
As it stands, it is confusing.

cpuQuota is a more straightforward "hard limit" of the CPU% that you
want the app to consume.

Can be tested with : stress -c 8 -t 20s
2024-04-10 18:25:14 +02:00
Girish Ramakrishnan
efd0be5e2c services: send the default memory limit 2024-04-10 12:42:25 +02:00
Girish Ramakrishnan
8b7dca00af app memory: make slider go till RAM
anything above RAM is useless
2024-04-10 12:12:49 +02:00
Girish Ramakrishnan
be2775e12e memoryLimit: redefine to not include swap
Currently, we allocate 50% as RAM and 50% as swap. The manifest is
usually quite conservative on memory values. This means that we set
up a system where the app is applying memory pressure almost immediately.
This then swaps things randomly and increases cpu usage (kswapd shows
up in the profile).

To rethink the whole situation: we should not cap apps with a swap limit at all.
The memory hard limit is what is important. By redefining memoryLimit , we are
doubling every container's memory and it's good that we over allocate this.
2024-04-09 18:59:40 +02:00
Girish Ramakrishnan
2b1b304c6e backup/import/restore: fix crash with root path calcuation
rootPath was calculated before the arguments were validated
2024-04-09 13:53:48 +02:00
Girish Ramakrishnan
62faf616c5 import: acceptSelfSignedCerts is validated at provider 2024-04-09 13:24:33 +02:00
Girish Ramakrishnan
3f2f4c7c6b restore: acceptSelfSignedCerts is validated by provider 2024-04-09 13:20:01 +02:00
Girish Ramakrishnan
5e49a33e8f backups: rootPath is needed only when testing storage 2024-04-09 13:03:31 +02:00
Girish Ramakrishnan
5fb7d53018 backups: encryptedFilenames and mountOptions are validated at provider level 2024-04-09 12:31:10 +02:00
Girish Ramakrishnan
424a3c2b53 validateEncryptionPassword need not by exported or async 2024-04-09 12:23:43 +02:00
Girish Ramakrishnan
6e629b984b typo in error message 2024-04-09 11:53:58 +02:00
Johannes Zellner
9e05a4eab7 Show background in all oidc pages 2024-04-06 10:52:25 +02:00
Johannes Zellner
86986d8f34 Allow img-src blob: 2024-04-05 19:59:38 +02:00
Johannes Zellner
2515b032d0 Add branding background UI 2024-04-05 14:31:41 +02:00
Girish Ramakrishnan
6086b0e797 typo 2024-04-05 12:11:43 +02:00
Girish Ramakrishnan
2760e25c0f users: validate groupIds items 2024-04-05 11:59:16 +02:00
Johannes Zellner
028b820d48 oidc: Reload the login view if session is gone 2024-04-04 17:32:58 +02:00
Johannes Zellner
2c81458954 Show branding background image in login view 2024-04-04 15:38:44 +02:00
Girish Ramakrishnan
030e468829 docker: prune volumes on infra change 2024-04-04 11:36:26 +02:00
Johannes Zellner
68724bcb4f Revert "oidc: enable rpInitiated logout"
This reverts commit a6f4b2896a.
2024-04-04 10:41:00 +02:00
Johannes Zellner
6186bb54e4 Revert "oidc: allow post logout redirect back to the app"
This reverts commit 3ddf72a24d.
2024-04-04 10:40:53 +02:00
Johannes Zellner
a4e822dec2 Make autologin token only one-time use 2024-04-04 10:29:36 +02:00
Johannes Zellner
5744cb7318 auto login from activation 2024-04-04 10:26:48 +02:00
Johannes Zellner
2f6a66dbd7 oidc: enable auto login when a token is provided 2024-04-03 18:11:21 +02:00
Johannes Zellner
91d3980e3b Add cloudron background branding apis 2024-04-03 17:27:22 +02:00
Johannes Zellner
3ddf72a24d oidc: allow post logout redirect back to the app 2024-04-03 15:49:03 +02:00
Johannes Zellner
a6f4b2896a oidc: enable rpInitiated logout 2024-04-02 20:38:12 +02:00
Girish Ramakrishnan
de99b8ecce Fix AVX support edge cases
* Always show restart button. When using a local VM, you can dynamically
switch flags. So, let the user rebuild. Show error if we cannot.
* The logs button is an "a" tag which is clickable despite ng-disabled
2024-04-01 23:05:20 +02:00
Girish Ramakrishnan
8b0bcde7ec cloudflare: result is now null and not empty array 2024-04-01 17:58:40 +02:00
Girish Ramakrishnan
d862f1f5b4 cloudflare: fix crash when result is null 2024-04-01 17:31:20 +02:00
Girish Ramakrishnan
1c4f6315a6 mongodb: optional avx support in service routes 2024-04-01 17:31:20 +02:00
Girish Ramakrishnan
774f14327c addons: optional start mongodb based on AVX 2024-03-30 19:20:24 +01:00
Girish Ramakrishnan
6bd9391160 syslog: fix tests 2024-03-30 19:17:28 +01:00
Girish Ramakrishnan
a82fb0c2cb typo from 110e68331 2024-03-30 19:17:28 +01:00
Girish Ramakrishnan
110e683318 rename checkManifestConstraints function 2024-03-30 18:25:37 +01:00
Girish Ramakrishnan
781ee77280 services: remove docker dynamic env hook 2024-03-30 18:25:37 +01:00
Girish Ramakrishnan
b66e77a2d8 Fix crash when system has no swap 2024-03-22 10:39:35 +01:00
Girish Ramakrishnan
4ee56782ba move syslog.js to top level 2024-03-21 19:09:51 +01:00
Girish Ramakrishnan
104997d77c syslog: change it to unix domain socket
docker is using a extra udp port for every container. when there is
a lot of containers, a lot of random udp ports get used up. this causes
problems when installing apps that require contiguous port ranges
2024-03-21 18:59:08 +01:00
Girish Ramakrishnan
8e07b3c96d remove unused variable 2024-03-21 17:11:17 +01:00
Girish Ramakrishnan
d09915bf6e scheduler: typo
(cherry picked from commit 09e00e6d58)
2024-03-12 18:06:24 +01:00
Girish Ramakrishnan
2956c3360c postgresql: fix whitelist ext loading 2024-03-12 11:27:42 +01:00
Girish Ramakrishnan
c634bdbd34 scheduler: do not create jobs of suspended apps
otherwise, when an app is uninstalling, it creates the docker containers
by calling getDynamicEnvironment. This ends up adding addonConfigs for the
docker addon and prevents the app from getting uninstalled.
2024-03-12 00:55:06 +01:00
Girish Ramakrishnan
90c8348c9c postgresql: fix upgrade route 2024-03-11 15:55:08 +01:00
Girish Ramakrishnan
1426cbec81 postgresql: fix for vectors update
we used:
psql -Uroot  --dbname=postgres --command="ALTER SYSTEM SET shared_preload_libraries = 'vectors.so'"

the above wrote to the auto config file and required a reboot. this resulted in
2024-03-11 09:39:13.250 UTC [34] ERROR:  pgvecto.rs: pgvecto.rs must be loaded via shared_preload_libraries.
	ADVICE: If you encounter this error for your first use of pgvecto.rs, please read `https://docs.pgvecto.rs/getting-started/installation.html`. You should edit `shared_preload_libraries` in `postgresql.conf` to include `vectors.so`, or simply run the command `psql -U postgres -c 'ALTER SYSTEM SET shared_preload_libraries = "vectors.so"'`.
2024-03-11 09:39:13.250 UTC [34] STATEMENT:  CREATE EXTENSION vectors
ERROR:  pgvecto.rs: pgvecto.rs must be loaded via shared_preload_libraries.
ADVICE: If you encounter this error for your first use of pgvecto.rs, please read `https://docs.pgvecto.rs/getting-started/installation.html`. You should edit `shared_preload_libraries` in `postgresql.conf` to include `vectors.so`, or simply run the command `psql -U postgres -c 'ALTER SYSTEM SET shared_preload_libraries = "vectors.so"'`.
2024-03-11 13:32:25 +01:00
Johannes Zellner
bf27374dcc Fix postgresaddon migration for pgvectors 2024-03-07 13:59:30 +01:00
Johannes Zellner
3de1c6e499 Use postgres addon with immich hacks exposed as service api 2024-03-06 19:08:03 +01:00
Johannes Zellner
96eeb70076 Update postgres addon to 1.5.10
This contains a hack for immich in apptask to migrate the extension on
immich app update
2024-03-06 13:20:58 +01:00
Girish Ramakrishnan
6a39e442ac platform: use execArgs 2024-03-06 10:46:00 +01:00
Girish Ramakrishnan
91e030be44 sftp: fix buffer (stdin/stdout) overflow 2024-03-06 10:36:08 +01:00