upddate flask_proxmenux_routes.py

This commit is contained in:
MacRimi
2026-04-16 20:40:34 +02:00
parent b1cc880253
commit 5db6762690
3 changed files with 27 additions and 67 deletions

View File

@@ -12,11 +12,11 @@ TOOL_METADATA = {
'subscription_banner': {'name': 'Subscription Banner Removal', 'function': 'remove_subscription_banner', 'version': '1.0'}, 'subscription_banner': {'name': 'Subscription Banner Removal', 'function': 'remove_subscription_banner', 'version': '1.0'},
'time_sync': {'name': 'Time Synchronization', 'function': 'configure_time_sync', 'version': '1.0'}, 'time_sync': {'name': 'Time Synchronization', 'function': 'configure_time_sync', 'version': '1.0'},
'apt_languages': {'name': 'APT Language Skip', 'function': 'skip_apt_languages', 'version': '1.0'}, 'apt_languages': {'name': 'APT Language Skip', 'function': 'skip_apt_languages', 'version': '1.0'},
'journald': {'name': 'Journald Optimization', 'function': 'optimize_journald', 'version': '1.0'}, 'journald': {'name': 'Journald Optimization', 'function': 'optimize_journald', 'version': '1.1'},
'logrotate': {'name': 'Logrotate Optimization', 'function': 'optimize_logrotate', 'version': '1.0'}, 'logrotate': {'name': 'Logrotate Optimization', 'function': 'optimize_logrotate', 'version': '1.1'},
'system_limits': {'name': 'System Limits Increase', 'function': 'increase_system_limits', 'version': '1.0'}, 'system_limits': {'name': 'System Limits Increase', 'function': 'increase_system_limits', 'version': '1.1'},
'entropy': {'name': 'Entropy Generation (haveged)', 'function': 'configure_entropy', 'version': '1.0'}, # entropy removed — modern kernels 5.6+ have built-in entropy generation, haveged no longer needed
'memory_settings': {'name': 'Memory Settings Optimization', 'function': 'optimize_memory_settings', 'version': '1.0'}, 'memory_settings': {'name': 'Memory Settings Optimization', 'function': 'optimize_memory_settings', 'version': '1.1'},
'kernel_panic': {'name': 'Kernel Panic Configuration', 'function': 'configure_kernel_panic', 'version': '1.0'}, 'kernel_panic': {'name': 'Kernel Panic Configuration', 'function': 'configure_kernel_panic', 'version': '1.0'},
'apt_ipv4': {'name': 'APT IPv4 Force', 'function': 'force_apt_ipv4', 'version': '1.0'}, 'apt_ipv4': {'name': 'APT IPv4 Force', 'function': 'force_apt_ipv4', 'version': '1.0'},
'kexec': {'name': 'kexec for quick reboots', 'function': 'enable_kexec', 'version': '1.0'}, 'kexec': {'name': 'kexec for quick reboots', 'function': 'enable_kexec', 'version': '1.0'},

View File

@@ -231,7 +231,7 @@ optimize_journald() {
Storage=persistent Storage=persistent
SplitMode=none SplitMode=none
RateLimitIntervalSec=30s RateLimitIntervalSec=30s
RateLimitBurst=500 RateLimitBurst=1000
ForwardToSyslog=no ForwardToSyslog=no
ForwardToWall=no ForwardToWall=no
Seal=no Seal=no
@@ -270,7 +270,7 @@ optimize_logrotate() {
daily daily
su root adm su root adm
rotate 7 rotate 7
size=10M size 10M
compress compress
delaycompress delaycompress
missingok missingok
@@ -322,7 +322,7 @@ EOF
for file in /etc/systemd/system.conf /etc/systemd/user.conf; do for file in /etc/systemd/system.conf /etc/systemd/user.conf; do
if ! grep -q "^DefaultLimitNOFILE=" "$file"; then if ! grep -q "^DefaultLimitNOFILE=" "$file"; then
echo "DefaultLimitNOFILE=256000" >> "$file" echo "DefaultLimitNOFILE=1048576" >> "$file"
fi fi
done done
@@ -334,8 +334,9 @@ EOF
done done
if ! grep -q "ulimit -n 256000" /root/.profile; then if ! grep -q "ulimit -n 1048576" /root/.profile; then
echo "ulimit -n 256000" >> /root/.profile sed -i '/ulimit -n 256000/d' /root/.profile 2>/dev/null
echo "ulimit -n 1048576" >> /root/.profile
fi fi
@@ -348,8 +349,8 @@ EOF
cat > /etc/sysctl.d/99-fs.conf << EOF cat > /etc/sysctl.d/99-fs.conf << EOF
# ProxMenux configuration # ProxMenux configuration
fs.nr_open = 12000000 fs.nr_open = 2097152
fs.file-max = 9223372036854775807 fs.file-max = 2097152
fs.aio-max-nr = 1048576 fs.aio-max-nr = 1048576
EOF EOF
@@ -357,24 +358,6 @@ EOF
register_tool "system_limits" true register_tool "system_limits" true
} }
# ==========================================================
configure_entropy() {
msg_info "$(translate "Configuring entropy generation to prevent slowdowns...")"
/usr/bin/env DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::='--force-confdef' install haveged > /dev/null 2>&1
cat <<EOF > /etc/default/haveged
# -w sets low entropy watermark (in bits)
DAEMON_ARGS="-w 1024"
EOF
systemctl daemon-reload > /dev/null 2>&1
systemctl enable haveged > /dev/null 2>&1
msg_ok "$(translate "Entropy generation configuration completed")"
register_tool "entropy" true
}
# ========================================================== # ==========================================================
optimize_memory_settings() { optimize_memory_settings() {
msg_info "$(translate "Optimizing memory settings...")" msg_info "$(translate "Optimizing memory settings...")"
@@ -386,7 +369,7 @@ vm.swappiness = 10
vm.dirty_ratio = 15 vm.dirty_ratio = 15
vm.dirty_background_ratio = 5 vm.dirty_background_ratio = 5
vm.overcommit_memory = 1 vm.overcommit_memory = 1
vm.max_map_count = 65530 vm.max_map_count = 262144
EOF EOF
if [ -f /proc/sys/vm/compaction_proactiveness ]; then if [ -f /proc/sys/vm/compaction_proactiveness ]; then
@@ -760,7 +743,7 @@ EOF
Storage=persistent Storage=persistent
SplitMode=none SplitMode=none
RateLimitIntervalSec=30s RateLimitIntervalSec=30s
RateLimitBurst=500 RateLimitBurst=1000
SystemKeepFree=${KEEP_MB}M SystemKeepFree=${KEEP_MB}M
RuntimeMaxUse=${RUNTIME_MB}M RuntimeMaxUse=${RUNTIME_MB}M
# MaxLevelStore=info: required for ProxMenux Monitor log display and Fail2Ban detection. # MaxLevelStore=info: required for ProxMenux Monitor log display and Fail2Ban detection.
@@ -869,7 +852,6 @@ run_complete_optimization() {
#configure_time_sync #configure_time_sync
skip_apt_languages skip_apt_languages
increase_system_limits increase_system_limits
configure_entropy
optimize_memory_settings optimize_memory_settings
configure_kernel_panic configure_kernel_panic
apply_network_optimizations apply_network_optimizations

View File

@@ -381,7 +381,7 @@ kernel.keys.maxkeys=1000000"
msg_info "$(translate "Setting systemd ulimits...")" msg_info "$(translate "Setting systemd ulimits...")"
for file in /etc/systemd/system.conf /etc/systemd/user.conf; do for file in /etc/systemd/system.conf /etc/systemd/user.conf; do
if ! grep -q "^DefaultLimitNOFILE=" "$file"; then if ! grep -q "^DefaultLimitNOFILE=" "$file"; then
echo "DefaultLimitNOFILE=256000" >> "$file" echo "DefaultLimitNOFILE=1048576" >> "$file"
fi fi
done done
msg_ok "$(translate "Systemd ulimits set")" msg_ok "$(translate "Systemd ulimits set")"
@@ -397,8 +397,9 @@ kernel.keys.maxkeys=1000000"
# Set ulimit for the shell user # Set ulimit for the shell user
msg_info "$(translate "Setting ulimit for the shell user...")" msg_info "$(translate "Setting ulimit for the shell user...")"
if ! grep -q "ulimit -n 256000" /root/.profile; then if ! grep -q "ulimit -n 1048576" /root/.profile; then
echo "ulimit -n 256000" >> /root/.profile sed -i '/ulimit -n 256000/d' /root/.profile 2>/dev/null
echo "ulimit -n 1048576" >> /root/.profile
fi fi
msg_ok "$(translate "Shell user ulimit set")" msg_ok "$(translate "Shell user ulimit set")"
@@ -412,8 +413,8 @@ vm.vfs_cache_pressure = 100"
# Increase Max FS open files # Increase Max FS open files
msg_info "$(translate "Increasing maximum file system open files...")" msg_info "$(translate "Increasing maximum file system open files...")"
append_or_replace "/etc/sysctl.d/99-fs.conf" " append_or_replace "/etc/sysctl.d/99-fs.conf" "
fs.nr_open = 12000000 fs.nr_open = 2097152
fs.file-max = 9223372036854775807 fs.file-max = 2097152
fs.aio-max-nr = 1048576" fs.aio-max-nr = 1048576"
msg_ok "$(translate "Max FS open files configuration created successfully")" msg_ok "$(translate "Max FS open files configuration created successfully")"
@@ -561,31 +562,8 @@ configure_time_sync() {
configure_entropy() { # configure_entropy removed — modern kernels (5.6+) have built-in entropy generation
msg_info2 "$(translate "Configuring entropy generation to prevent slowdowns...")" # haveged is no longer needed and adds unnecessary overhead
# Install haveged
msg_info "$(translate "Installing haveged...")"
/usr/bin/env DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::='--force-confdef' install haveged > /dev/null 2>&1
msg_ok "$(translate "haveged installed successfully")"
# Configure haveged
msg_info "$(translate "Configuring haveged...")"
cat <<EOF > /etc/default/haveged
# -w sets low entropy watermark (in bits)
DAEMON_ARGS="-w 1024"
EOF
# Reload systemd daemon
systemctl daemon-reload > /dev/null 2>&1
# Enable haveged service
systemctl enable haveged > /dev/null 2>&1
msg_ok "$(translate "haveged service enabled successfully")"
register_tool "entropy" true
msg_success "$(translate "Entropy generation configuration completed")"
}
@@ -1708,7 +1686,7 @@ su root adm
rotate 7 rotate 7
create create
compress compress
size=10M size 10M
delaycompress delaycompress
copytruncate copytruncate
@@ -1789,7 +1767,7 @@ vm.dirty_background_ratio = 5
vm.overcommit_memory = 1 vm.overcommit_memory = 1
# Avoid excessive virtual memory areas (safe for most applications) # Avoid excessive virtual memory areas (safe for most applications)
vm.max_map_count = 65530 vm.max_map_count = 262144
EOF EOF
if [ -f /proc/sys/vm/compaction_proactiveness ]; then if [ -f /proc/sys/vm/compaction_proactiveness ]; then
@@ -2675,7 +2653,7 @@ main_menu() {
"System|Optimize journald|JOURNALD" "System|Optimize journald|JOURNALD"
"System|Optimize logrotate|LOGROTATE" "System|Optimize logrotate|LOGROTATE"
"System|Increase various system limits|LIMITS" "System|Increase various system limits|LIMITS"
"System|Ensure entropy pools are populated|ENTROPY" # Entropy (haveged) removed — modern kernels 5.6+ have built-in entropy generation
"System|Optimize Memory|MEMORYFIXES" "System|Optimize Memory|MEMORYFIXES"
"System|Enable fast reboots|KEXEC" "System|Enable fast reboots|KEXEC"
"System|Enable restart on kernel panic|KERNELPANIC" "System|Enable restart on kernel panic|KERNELPANIC"
@@ -2824,7 +2802,7 @@ done
JOURNALD) optimize_journald ;; JOURNALD) optimize_journald ;;
LOGROTATE) optimize_logrotate ;; LOGROTATE) optimize_logrotate ;;
LIMITS) increase_system_limits ;; LIMITS) increase_system_limits ;;
ENTROPY) configure_entropy ;; # ENTROPY removed — modern kernels 5.6+ have built-in entropy
MEMORYFIXES) optimize_memory_settings ;; MEMORYFIXES) optimize_memory_settings ;;
KEXEC) enable_kexec ;; KEXEC) enable_kexec ;;
KERNELPANIC) configure_kernel_panic ;; KERNELPANIC) configure_kernel_panic ;;