From 9be7e9a1b5abf131ae5dea3efdcb064a82e3c6cf Mon Sep 17 00:00:00 2001
From: Sam <sam.saffron@gmail.com>
Date: Fri, 22 Aug 2014 17:28:07 +1000
Subject: [PATCH] Remove temporary code, add rate limited initial template

---
 templates/postgres.9.2.template.yml    |  2 --
 templates/postgres.template.yml        |  3 ---
 templates/web.ratelimited.template.yml | 21 +++++++++++++++++++++
 3 files changed, 21 insertions(+), 5 deletions(-)
 create mode 100644 templates/web.ratelimited.template.yml

diff --git a/templates/postgres.9.2.template.yml b/templates/postgres.9.2.template.yml
index ed78691..8ddf363 100644
--- a/templates/postgres.9.2.template.yml
+++ b/templates/postgres.9.2.template.yml
@@ -6,8 +6,6 @@ hooks:
        to: sv start postgres || exit 1
 
 run:
-  # temporary
-  - exec: apt-get install -y socat
   - exec: mkdir -p /shared/postgres_run
   - exec: chown postgres:postgres /shared/postgres_run
   - exec: chmod 775 /shared/postgres_run
diff --git a/templates/postgres.template.yml b/templates/postgres.template.yml
index 0976803..037dc5e 100644
--- a/templates/postgres.template.yml
+++ b/templates/postgres.template.yml
@@ -12,9 +12,6 @@ hooks:
        to: sv start postgres || exit 1
 
 run:
-  # temporary
-  - exec: apt-get update
-  - exec: apt-get install -y socat
   - exec: mkdir -p /shared/postgres_run
   - exec: chown postgres:postgres /shared/postgres_run
   - exec: chmod 775 /shared/postgres_run
diff --git a/templates/web.ratelimited.template.yml b/templates/web.ratelimited.template.yml
new file mode 100644
index 0000000..fe7a5e3
--- /dev/null
+++ b/templates/web.ratelimited.template.yml
@@ -0,0 +1,21 @@
+params:
+  reqs_per_second: 12
+  burst_per_second: 12
+  reqs_per_minute: 100
+  burst_per_minute: 50
+
+run:
+  - replace:
+     filename: "/etc/nginx/conf.d/discourse.conf"
+     from: /server.+{/
+     to: |
+       limit_req_zone $binary_remote_addr zone=flood:10m rate $reqs_per_secondr/s;
+       limit_req_zone $binary_remote_addr zone=bot:10m rate $reqs_per_minuter/m;
+       server {
+  - replace:
+     filename: "/etc/nginx/conf.d/discourse.conf"
+     from: "/location @discourse {/"
+     to: |
+       location @discourse {
+         limit_req zone=flood burst=$burst_per_second nodelay;
+         limit_req zone=bot burst=$burst_per_minute nodelay;
-- 
2.25.1