HTWK/htwkalender
1
1
Fork 0
mirror of https://gitlab.dit.htwk-leipzig.de/htwk-software/htwkalender.git synced 2025-07-16 17:48:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix:#7 added limit to POST in nginx config

Browse Source
This commit is contained in:
Elmar Kresse
2024-06-10 21:29:56 +02:00
parent 5e8365f3c5
commit 085ffe1baf
3 changed files with 29 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docker-compose.prod.yml
View File

@ -16,7 +16,7 @@
services: services:
htwkalender-data-manager: htwkalender-data-manager:
image: DOCKER_REGISTRY_REPO-backend # DOCKER_REGISTRY_REPO will be replaced by CI image: DOCKER_REGISTRY_REPO-data-manager # DOCKER_REGISTRY_REPO will be replaced by CI
command: "--http=0.0.0.0:8090 --dir=/htwkalender/data/pb_data" command: "--http=0.0.0.0:8090 --dir=/htwkalender/data/pb_data"
pull_policy: always pull_policy: always
restart: always restart: always
@ -25,6 +25,14 @@ services:
networks: networks:
- "net" - "net"
htwkalender-ical:
image: DOCKER_REGISTRY_REPO-ical # DOCKER_REGISTRY_REPO will be replaced by CI
pull_policy: always
restart: always
target: prod
networks:
- "net"
htwkalender-frontend: htwkalender-frontend:
image: DOCKER_REGISTRY_REPO-frontend # DOCKER_REGISTRY_REPO will be replaced by CI image: DOCKER_REGISTRY_REPO-frontend # DOCKER_REGISTRY_REPO will be replaced by CI
pull_policy: always pull_policy: always

15
reverseproxy.conf
View File

@ -107,6 +107,12 @@ http {
1 $binary_remote_addr; 1 $binary_remote_addr;
} }
# Different rate limits for different request methods
map $request_method $limit_zone {
POST createFeed; # Create feed is limited to 1 request per minute
default feed; # All other requests are limited to 20 requests per minute
}
# Limit the number of requests per IP # Limit the number of requests per IP
limit_req_zone $limit_key zone=feed:20m rate=20r/m; limit_req_zone $limit_key zone=feed:20m rate=20r/m;
limit_req_zone $limit_key zone=createFeed:10m rate=1r/m; limit_req_zone $limit_key zone=createFeed:10m rate=1r/m;
@ -125,7 +131,8 @@ http {
proxy_read_timeout 600s; proxy_read_timeout 600s;
proxy_send_timeout 600s; proxy_send_timeout 600s;
send_timeout 600s; send_timeout 600s;
limit_req zone=feed burst=10 nodelay; limit_req zone=$limit_zone burst=10 nodelay;
limit_req_status 429;
} }
location / { location / {
@ -146,7 +153,8 @@ http {
proxy_read_timeout 600s; proxy_read_timeout 600s;
proxy_send_timeout 600s; proxy_send_timeout 600s;
send_timeout 600s; send_timeout 600s;
limit_req zone=feed burst=10 nodelay; limit_req zone=$limit_zone burst=10 nodelay;
limit_req_status 429;
} }
location / { location / {
@ -181,7 +189,8 @@ http {
proxy_read_timeout 600s; proxy_read_timeout 600s;
proxy_send_timeout 600s; proxy_send_timeout 600s;
send_timeout 600s; send_timeout 600s;
limit_req zone=feed burst=10 nodelay; limit_req zone=$limit_zone burst=10 nodelay;
limit_req_status 429;
} }
location /api { location /api {

9
reverseproxy.dev.conf
View File

@ -108,6 +108,12 @@ http {
1 $binary_remote_addr; 1 $binary_remote_addr;
} }
# Different rate limits for different request methods
map $request_method $limit_zone {
POST createFeed; # Create feed is limited to 1 request per minute
default feed; # All other requests are limited to 20 requests per minute
}
# Limit the number of requests per IP # Limit the number of requests per IP
limit_req_zone $limit_key zone=feed:20m rate=20r/m; limit_req_zone $limit_key zone=feed:20m rate=20r/m;
limit_req_zone $limit_key zone=createFeed:10m rate=1r/m; limit_req_zone $limit_key zone=createFeed:10m rate=1r/m;
@ -136,7 +142,8 @@ http {
proxy_read_timeout 600s; proxy_read_timeout 600s;
proxy_send_timeout 600s; proxy_send_timeout 600s;
send_timeout 600s; send_timeout 600s;
limit_req zone=feed burst=10 nodelay; limit_req zone=$limit_zone burst=10 nodelay;
limit_req_status 429;
} }
location /api { location /api {