Commit Graph

49 Commits

Author SHA1 Message Date
Sam
ded84a4b58 PERF: improve performance once logged in rate limiter hits
If "logged in" is being forced anonymous on certain routes, trigger
the protection for any requests that spend 50ms queueing

This means that ...

1. You need to trip it by having 3 requests take longer than 1 second in 10 second interval
2. Once tripped, if your route is still spending 50m queueuing it will continue to be protected

This means that site will continue to function with almost no delays while it is scaling up to handle the new load
2018-04-23 11:55:25 +10:00
Sam
59cd7894d9 FEATURE: if site is under extreme load show anon view
If a particular path is being hit extremely hard by logged on users,
revert to anonymous cached view.

This will only come into effect if 3 requests queue for longer than 2 seconds
on a *single* path.

This can happen if a URL is shared with the entire forum base and everyone
is logged on
2018-04-18 16:58:57 +10:00
Blake Erickson
720dd2432e remove change from descourse_defaults.conf 2018-04-10 14:27:03 -06:00
Blake Erickson
0337a8f6d5 ensure correct '/'s for relative_url_root in route file 2018-04-10 14:24:29 -06:00
Guo Xiang Tan
a89f3160a5 Add new config to ensure backup/restore connects to PG directly.
* In `pg_dump` 10.3+ and 9.5.12+, in
  it does a `SELECT pg_catalog.set_config('search_path', '', false)`
  which changes the state of the current connection. This is known
  to be problematic with Pgbouncer which reuses connections. As such,
  we'll always try to connect directly to PG directly during
  the backup/restore process.
2018-03-09 10:28:03 +08:00
Sam
f0d5f83424 FEATURE: limit assets less that non asset paths
By default assets can be requested up to 200 times per 10 seconds
from the app, this includes CSS and avatars
2018-03-06 15:20:39 +11:00
Sam
f26ff290c3 FEATURE: Shorten setting name to max_reqs
So it is consistent with other settings
2018-01-22 13:18:30 +11:00
Sam
cecd7d0d07 FEATURE: global rate limiter can bypass local IPs 2018-01-08 08:39:17 +11:00
Sam
4986ebcf24 FEATURE: optional default off global per ip rate limiter 2017-12-11 17:52:57 +11:00
Sam
68d3c2c74f FEATURE: add global rate limiter for admin api 60 per minute
Also move configuration of admin and user api rate limiting into global
settings. This is not intended to be configurable per site
2017-12-11 11:07:22 +11:00
Guo Xiang Tan
6c04eb911d Fix typo. 2017-10-17 12:34:49 +08:00
Guo Xiang Tan
b54eb8f53c FIX: Set PG connect_timeout to 5 seconds.
* 30 seconds is alittle too long.
2017-10-17 12:32:41 +08:00
Sam
70bb2aa426 FEATURE: allow specifying s3 config via globals
This refactors handling of s3 so it can be specified via GlobalSetting

This means that in a multisite environment you can configure s3 uploads
without actual sites knowing credentials in s3

It is a critical setting for situations where assets are mirrored to s3.
2017-10-06 16:20:01 +11:00
Sam
c106ca6778 FEATURE: fallback asset path for multi host setups 2017-03-20 15:59:17 -04:00
Sam
ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Guo Xiang Tan
89b1998174 Add default port for redis_slave. 2016-03-11 15:07:07 +08:00
Guo Xiang Tan
c07c474575 FEATURE: Master-Slave Redis configuration with fallback and switch over. 2016-03-11 12:18:58 +08:00
Guo Xiang Tan
46589a1a0c FEATURE: AR adapter to failover to a replica DB server. 2016-02-05 08:51:10 +08:00
Sam Saffron
209b022385 PERF: cut down on memory usage allowed to redis
This limits the amount of backlog message bus channels can have.
2016-02-04 13:58:38 +11:00
Sam
dfe3ecb914 PERF: disable prepared statements
see: https://github.com/rails/rails/issues/21992
2015-10-19 14:02:22 +11:00
Sam
805120fc95 FEATURE: add connnection reaping based on maximum age
This feature ensures connections to the db are always attempted to be closed
after 600 seconds of idle time.
2015-10-17 11:29:16 +11:00
Sam
786cf6e61f format does not allow numbers 2015-07-23 15:33:38 +10:00
Sam
c056c3ba7e FEATURE: allow users to specify a second hostname if needed
(very rarely needed feature, mostly for multisite and origin pull cdns)
2015-07-23 15:22:54 +10:00
Sam
8252f4e110 FEATURE: allow use of redis sentinel via redis_sentinels
Use: DISCOURSE_REDIS_SENTINELS and DISCOURSE_REDIS_HOST to configure redis
sentinel
2015-06-25 16:51:48 +10:00
Sam
f3188ab8f2 remove unused setting 2015-04-30 12:06:32 +10:00
Sam
f5af4768eb FEATURE: add clean support for running Discourse in a subfolder
To setup set DISCOURSE_RELATIVE_URL_ROOT to the folder you wish
2015-03-09 13:14:29 +11:00
Sam
fff55e0ee3 FEATURE: allow users to specify if prepared statements are allowed
(they need to be disabled for pgpool based setups)
2015-02-18 11:16:53 +11:00
Sam
d56b71851b FEATURE: configurable connection reaping settings 2015-02-17 09:58:43 +11:00
Neil Lalonde
f88075cbba FEATURE: CORS settings per-site in a multisite env 2014-10-15 15:20:39 -04:00
Sam
2be03371ae FEATURE: allow a central redis cache for assets 2014-09-23 16:50:17 +10:00
Sam
f493eb5d12 FEATURE: allow version emails to be disabled globally 2014-08-23 10:02:32 +10:00
Zohar Arad
557af8b8bd Add RTL support to Discourse CSS pre-processing using the RTLit gem and configurable via discourse.conf 2014-08-08 09:31:31 +03:00
Sam
9468ebeb2e CHANGE: Mini Profiler only enabled for developers in prd 2014-07-17 08:34:41 +10:00
Adam Loving
3f1c5bef00 spelling in comment 2014-06-05 09:52:35 -07:00
Sam
30c86d834f * Increase pool size to allow for a few extra bg threads in sidekiq 2014-05-22 09:00:24 +10:00
Sam
810eda448f Merge branch 'environment-smtp-verify' of https://github.com/cfstras/discourse 2014-05-14 11:25:05 +10:00
Sam
dc06401479 PERF: reduce sidekiq worker count to 5 2014-05-14 10:21:11 +10:00
Claus Strasburger
b53248178b Added openssl_verify_mode parameter for action_mailer.
- parameter in `environments/production.rb`
- documentation & default value (nil) in `discourse_defaults.conf`
2014-05-08 22:21:36 +02:00
Sam
884346cbea Merge pull request #1951 from thoughtbot/bb-erb
Use ERB to pull conf files into app
2014-02-18 16:23:55 +11:00
Sam
73aca9063d FEATURE: allow overriding server static asset if needed 2014-02-17 10:44:37 +11:00
Britt Ballard
60e1a5aa69 Use ERB when importing conf files into app 2014-02-14 16:14:55 -08:00
slainer68
a89018db87 Use GlobalSetting to enable CORS at application level 2014-02-09 23:11:52 -08:00
Vikhyat Korrapati
6d50504a83 Make SMTP authentication mechanism configurable. 2014-01-06 18:19:42 +05:30
Sam
c7d99a288b try to default to sockets, so less people have issues configuring in prd 2014-01-06 12:25:29 +11:00
Sam
887ac10013 get rid of cache db, not needed 2014-01-06 12:24:11 +11:00
David Celis
0ed42707cc Allow configuration of Redis DB and cache DB
Hardcoding the Redis DB and Redis Caching DB to 0 and 2 in
`config/database.yml` makes an unsafe assumption that Discourse is the
only application using that install of redis-server. Instead of forcing
users to undergo yet another form of configuration, allow Discourse
admins a nicer way to configure the Redis databases used.

Signed-off-by: David Celis <me@davidcel.is>
2013-12-30 13:39:43 -08:00
Sam
8b33b45c2d should be commented out 2013-12-20 18:01:41 +11:00
Sam
4b04ac4c2b correct defaults 2013-12-20 16:23:01 +11:00
Sam
7b8d2547d0 globals now implemented and documented 2013-12-20 16:17:21 +11:00