update/fix rate limit environment variables
This commit is contained in:
parent
32fdda0b1e
commit
7983557c5a
6 changed files with 21 additions and 20 deletions
2
Cargo.lock
generated
2
Cargo.lock
generated
|
@ -416,7 +416,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "datatrash"
|
||||
version = "1.2.2"
|
||||
version = "2.0.0"
|
||||
dependencies = [
|
||||
"actix-files",
|
||||
"actix-governor",
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
[package]
|
||||
name = "datatrash"
|
||||
version = "1.2.2"
|
||||
version = "2.0.0"
|
||||
authors = ["neri"]
|
||||
edition = "2021"
|
||||
|
||||
|
|
20
README.md
20
README.md
|
@ -18,16 +18,16 @@ To run the software directly, use the compiling instructions below.
|
|||
|
||||
### General configuration
|
||||
|
||||
| environment variable | default value | description |
|
||||
| --------------------- | -------------- | ---------------------------------------------- |
|
||||
| STATIC_DIR | ./static | directory to generate "static" files into |
|
||||
| FILES_DIR | ./files | directory to save uploaded files into |
|
||||
| UPLOAD_MAX_BYTES | 8388608 (8MiB) | maximum size for uploaded files |
|
||||
| BIND_ADDRESS | 0.0.0.0:8000 | address to bind the server to |
|
||||
| RATE_LIMIT | true | whether download rate should be limited |
|
||||
| RATE_LIMIT_PROXIED | false | whether rate limit should read x-forwarded-for |
|
||||
| RATE_LIMIT_PER_SECOND | 60 | seconds to wait between requests |
|
||||
| RATE_LIMIT_BURST | 1440 | allowed request burst |
|
||||
| environment variable | default value | description |
|
||||
| ---------------------------- | -------------- | ---------------------------------------------- |
|
||||
| STATIC_DIR | ./static | directory to generate "static" files into |
|
||||
| FILES_DIR | ./files | directory to save uploaded files into |
|
||||
| UPLOAD_MAX_BYTES | 8388608 (8MiB) | maximum size for uploaded files |
|
||||
| BIND_ADDRESS | 0.0.0.0:8000 | address to bind the server to |
|
||||
| RATE_LIMIT | true | whether download rate should be limited |
|
||||
| RATE_LIMIT_PROXIED | false | whether rate limit should read x-forwarded-for |
|
||||
| RATE_LIMIT_REPLENISH_SECONDS | 60 | seconds to wait between requests |
|
||||
| RATE_LIMIT_BURST | 480 | allowed request burst |
|
||||
|
||||
### Database configuration
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ pub struct Config {
|
|||
pub no_auth_limits: Option<NoAuthLimits>,
|
||||
pub enable_rate_limit: bool,
|
||||
pub proxied: bool,
|
||||
pub rate_limit_per_second: u64,
|
||||
pub rate_limit_replenish_seconds: u64,
|
||||
pub rate_limit_burst: u32,
|
||||
}
|
||||
|
||||
|
@ -41,16 +41,17 @@ pub async fn get_config() -> Config {
|
|||
|
||||
let no_auth_limits = get_no_auth_limits();
|
||||
|
||||
// default to 480requests/8h
|
||||
let enable_rate_limit = matches!(env::var("RATE_LIMIT").as_deref(), Ok("true") | Err(_));
|
||||
let proxied = env::var("PROXIED").as_deref() == Ok("true");
|
||||
let rate_limit_per_second = env::var("RATE_LIMIT_PER_SECOND")
|
||||
let proxied = env::var("RATE_LIMIT_PROXIED").as_deref() == Ok("true");
|
||||
let rate_limit_replenish_seconds = env::var("RATE_LIMIT_REPLENISH_SECONDS")
|
||||
.ok()
|
||||
.and_then(|rate_limit| rate_limit.parse().ok())
|
||||
.unwrap_or(60);
|
||||
let rate_limit_burst = env::var("RATE_LIMIT_BURST")
|
||||
.ok()
|
||||
.and_then(|rate_limit| rate_limit.parse().ok())
|
||||
.unwrap_or(1440);
|
||||
.and_then(|burst| burst.parse().ok())
|
||||
.unwrap_or(480);
|
||||
|
||||
Config {
|
||||
static_dir,
|
||||
|
@ -59,7 +60,7 @@ pub async fn get_config() -> Config {
|
|||
no_auth_limits,
|
||||
enable_rate_limit,
|
||||
proxied,
|
||||
rate_limit_per_second,
|
||||
rate_limit_replenish_seconds,
|
||||
rate_limit_burst,
|
||||
}
|
||||
}
|
||||
|
|
|
@ -57,7 +57,7 @@ async fn main() -> std::io::Result<()> {
|
|||
let config = Data::new(config);
|
||||
|
||||
let governor_conf = GovernorConfigBuilder::default()
|
||||
.per_second(config.rate_limit_per_second)
|
||||
.per_second(config.rate_limit_replenish_seconds)
|
||||
.burst_size(config.rate_limit_burst)
|
||||
.key_extractor(ForwardedPeerIpKeyExtractor {
|
||||
proxied: config.proxied,
|
||||
|
|
|
@ -16,7 +16,7 @@ impl KeyExtractor for ForwardedPeerIpKeyExtractor {
|
|||
|
||||
fn extract(&self, req: &ServiceRequest) -> Result<Self::Key, Self::KeyExtractionError> {
|
||||
let forwarded_for = req.headers().get("x-forwarded-for");
|
||||
if !self.proxied && forwarded_for.is_some() {
|
||||
if self.proxied && forwarded_for.is_some() {
|
||||
let forwarded_for = forwarded_for
|
||||
.unwrap()
|
||||
.to_str()
|
||||
|
|
Loading…
Reference in a new issue