Manager waits for only 5 seconds for starting kresd
Hi!
The issue that Manager kresd process as failed kresd in case of load of big rpz.
policy.add(policy.rpz(policy.DENY, '/opt/knot-resolver/blocklists/oisd-nsfw.rpz', true))
policy.add(policy.rpz(policy.DENY, '/opt/knot-resolver/blocklists/hagezy-anti-privacy.rpz', true))
policy.add(policy.rpz(policy.DENY, '/opt/knot-resolver/blocklists/hagezy-gambling.rpz', true))
policy.add(policy.rpz(policy.DENY, '/opt/knot-resolver/blocklists/hagezy-multi-normal.rpz', true))
policy.add(policy.rpz(policy.DENY, '/opt/knot-resolver/blocklists/hagezy-no-safe-search.rpz', true))
policy.add(policy.rpz(policy.DENY, '/opt/knot-resolver/blocklists/hagezy-threat.rpz', true))
Here are rpz's:
#!/bin/bash
curl -o "/opt/knot-resolver/blocklists/_hagezy-multi-normal.rpz" "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/rpz/multi.txt"
curl -o "/opt/knot-resolver/blocklists/_hagezy-gambling.rpz" "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/rpz/gambling.txt"
curl -o "/opt/knot-resolver/blocklists/_oisd-nsfw.rpz" "https://nsfw.oisd.nl/rpz"
curl -o "/opt/knot-resolver/blocklists/_hagezy-anti-privacy.rpz" "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/rpz/anti.piracy.txt"
curl -o "/opt/knot-resolver/blocklists/_hagezy-no-safe-search.rpz" "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/rpz/nosafesearch.txt"
curl -o "/opt/knot-resolver/blocklists/_hagezy-threat.rpz" "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/rpz/tif.txt"
mv /opt/knot-resolver/blocklists/_hagezy-multi-normal.rpz /opt/knot-resolver/blocklists/hagezy-multi-normal.rpz
mv /opt/knot-resolver/blocklists/_hagezy-gambling.rpz /opt/knot-resolver/blocklists/hagezy-gambling.rpz
mv /opt/knot-resolver/blocklists/_oisd-nsfw.rpz /opt/knot-resolver/blocklists/oisd-nsfw.rpz
mv /opt/knot-resolver/blocklists/_hagezy-anti-privacy.rpz /opt/knot-resolver/blocklists/hagezy-anti-privacy.rpz
mv /opt/knot-resolver/blocklists/_hagezy-no-safe-search.rpz /opt/knot-resolver/blocklists/hagezy-no-safe-search.rpz
mv /opt/knot-resolver/blocklists/_hagezy-threat.rpz /opt/knot-resolver/blocklists/hagezy-threat.rpz
I think the startsecs
in /run/knot-resolver/supervisord.conf
should be increased.
Or it would be great to specify it via some argument etc:
[program:manager]
redirect_stderr=false
directory=/var/lib/knot-resolver
command="/usr/bin/python3" "/usr/bin/knot-resolver" "--config=/etc/knot-resolver/config.yaml"
stopsignal=SIGINT
killasgroup=true
autorestart=true
autostart=true
startsecs=60
environment=X-SUPERVISORD-TYPE=notify,KRES_SUPRESS_LOG_PREFIX=true
stdout_logfile=NONE
stderr_logfile=NONE