Remove temporary code, add rate limited initial template

diff --git a/templates/postgres.9.2.template.yml b/templates/postgres.9.2.template.yml
index ed78691da2b59e83e88763af144bf8f7a1542ca0..8ddf363922dacd6d18e94a89762ad2586a824151 100644 (file)
--- a/templates/postgres.9.2.template.yml
+++ b/templates/postgres.9.2.template.yml
@@ -6,8 +6,6 @@ hooks:
        to: sv start postgres || exit 1
 
 run:
-  # temporary
-  - exec: apt-get install -y socat
   - exec: mkdir -p /shared/postgres_run
   - exec: chown postgres:postgres /shared/postgres_run
   - exec: chmod 775 /shared/postgres_run

diff --git a/templates/postgres.template.yml b/templates/postgres.template.yml
index 09768035bf6004858bb9b14dbb6bf19822059e4e..037dc5ea21c38559018ed5f4610935f0e3acc5c4 100644 (file)
--- a/templates/postgres.template.yml
+++ b/templates/postgres.template.yml
@@ -12,9 +12,6 @@ hooks:
        to: sv start postgres || exit 1
 
 run:
-  # temporary
-  - exec: apt-get update
-  - exec: apt-get install -y socat
   - exec: mkdir -p /shared/postgres_run
   - exec: chown postgres:postgres /shared/postgres_run
   - exec: chmod 775 /shared/postgres_run

diff --git a/templates/web.ratelimited.template.yml b/templates/web.ratelimited.template.yml
new file mode 100644 (file)
index 0000000..fe7a5e3
--- /dev/null
+++ b/templates/web.ratelimited.template.yml
@@ -0,0 +1,21 @@
+params:
+  reqs_per_second: 12
+  burst_per_second: 12
+  reqs_per_minute: 100
+  burst_per_minute: 50
+
+run:
+  - replace:
+     filename: "/etc/nginx/conf.d/discourse.conf"
+     from: /server.+{/
+     to: |
+       limit_req_zone $binary_remote_addr zone=flood:10m rate $reqs_per_secondr/s;
+       limit_req_zone $binary_remote_addr zone=bot:10m rate $reqs_per_minuter/m;
+       server {
+  - replace:
+     filename: "/etc/nginx/conf.d/discourse.conf"
+     from: "/location @discourse {/"
+     to: |
+       location @discourse {
+         limit_req zone=flood burst=$burst_per_second nodelay;
+         limit_req zone=bot burst=$burst_per_minute nodelay;