From 7eb9cc470bf89081ffe99361009c0de00ca9d545 Mon Sep 17 00:00:00 2001 From: Rory Powell Date: Mon, 5 Sep 2022 09:09:43 +0100 Subject: [PATCH] Configurable api rate limit through nginx --- hosting/docker-compose.yaml | 1 + hosting/nginx.prod.conf.hbs | 2 +- hosting/proxy/Dockerfile | 3 ++- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/hosting/docker-compose.yaml b/hosting/docker-compose.yaml index 7d3e6960dc..c55ca34547 100644 --- a/hosting/docker-compose.yaml +++ b/hosting/docker-compose.yaml @@ -78,6 +78,7 @@ services: image: budibase/proxy environment: - PROXY_RATE_LIMIT_WEBHOOKS_PER_SECOND=10 + - PROXY_RATE_LIMIT_API_PER_SECOND=20 depends_on: - minio-service - worker-service diff --git a/hosting/nginx.prod.conf.hbs b/hosting/nginx.prod.conf.hbs index 3c0e34387d..430f452d7f 100644 --- a/hosting/nginx.prod.conf.hbs +++ b/hosting/nginx.prod.conf.hbs @@ -11,7 +11,7 @@ events { http { # rate limiting limit_req_status 429; - limit_req_zone $binary_remote_addr zone=ratelimit:10m rate=20r/s; + limit_req_zone $binary_remote_addr zone=ratelimit:10m rate=${PROXY_RATE_LIMIT_API_PER_SECOND}r/s; limit_req_zone $binary_remote_addr zone=webhooks:10m rate=${PROXY_RATE_LIMIT_WEBHOOKS_PER_SECOND}r/s; include /etc/nginx/mime.types; diff --git a/hosting/proxy/Dockerfile b/hosting/proxy/Dockerfile index d9b33e3e9a..298762aaf1 100644 --- a/hosting/proxy/Dockerfile +++ b/hosting/proxy/Dockerfile @@ -10,4 +10,5 @@ COPY .generated-nginx.prod.conf /etc/nginx/templates/nginx.conf.template COPY error.html /usr/share/nginx/html/error.html # Default environment -ENV PROXY_RATE_LIMIT_WEBHOOKS_PER_SECOND=10 \ No newline at end of file +ENV PROXY_RATE_LIMIT_WEBHOOKS_PER_SECOND=10 +ENV PROXY_RATE_LIMIT_API_PER_SECOND=20 \ No newline at end of file