Mercurial Hosting > hghosting
changeset 26:d3b72a8bfbe9 default tip
Add rate limiting, change moveLogs.sh to only operate on non-empty files
| author | Violet7 |
|---|---|
| date | Sat, 01 Nov 2025 22:12:56 -0700 |
| parents | 8a588847d730 |
| children | |
| files | moveLogs.sh nginx.conf |
| diffstat | 2 files changed, 17 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
diff -r 8a588847d730 -r d3b72a8bfbe9 moveLogs.sh --- a/moveLogs.sh Tue Oct 07 17:35:13 2025 -0600 +++ b/moveLogs.sh Sat Nov 01 22:12:56 2025 -0700 @@ -5,6 +5,6 @@ mv $hgaccesslog ${hgaccesslog}".0"; reposLogsDir=${ROOTPWD}"/logs/repos"; -ls $reposLogsDir | while read filename; do - mv -f $reposLogsDir/$filename $reposLogsDir/${filename}".0"; +find "$reposLogsDir" -type f ! -empty | while read filename; do + mv -f "$filename" "${filename}.0"; done;
diff -r 8a588847d730 -r d3b72a8bfbe9 nginx.conf --- a/nginx.conf Tue Oct 07 17:35:13 2025 -0600 +++ b/nginx.conf Sat Nov 01 22:12:56 2025 -0700 @@ -12,8 +12,21 @@ resolver 8.8.8.8 1.1.1.1 valid=600s; resolver_timeout 10s; - access_log off; - error_log off; + limit_req_zone $binary_remote_addr zone=perip:10m rate=10r/s; + limit_req zone=perip burst=20 nodelay; + limit_req_status 429; + limit_req_log_level warn; + + + + log_format full '$remote_addr - $remote_user [$time_local] ' + '"$request" $status $body_bytes_sent ' + '"$http_referer" "$http_user_agent" ' + 'X-Forwarded-For: $http_x_forwarded_for'; + + # Enable access log globally (all requests) + access_log /Users/administrator/hghosting/logs/nginx_access.log full; + error_log /Users/administrator/hghosting/logs/nginx_error.log; server { listen 80;