diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2025-11-15 10:19:23 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2025-11-15 10:19:23 -0300 |
| commit | b7958c76c28d89e90f38c1d37f8328d3ee9ee8da (patch) | |
| tree | 0ece9a4d0223014f00bb074d78d19dfbacdf886f /manifests/site.pp | |
| parent | 1e03648387cf5efb9b7fdf99366b2d8a1f8d8ea0 (diff) | |
| download | puppet-nginx-b7958c76c28d89e90f38c1d37f8328d3ee9ee8da.tar.gz puppet-nginx-b7958c76c28d89e90f38c1d37f8328d3ee9ee8da.tar.bz2 | |
Feat: configurable per-site rate limiting
Diffstat (limited to 'manifests/site.pp')
| -rw-r--r-- | manifests/site.pp | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/manifests/site.pp b/manifests/site.pp index 4455f45..737a210 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -11,6 +11,11 @@ define nginx::site( $cache_size = '10m', $cache_inactive = '600s', $cache_max_size = '1m', + $rate_limit = false, + $rate_limit_key = '$binary_remote_addr', + $rate_limit_zone = $name, + $rate_limit_size = "10m", + $rate_limit_rate = "20r/s", $x_frame_options = 'DENY', ) { nginx::site::config { $name: @@ -47,6 +52,11 @@ define nginx::site( cache_size => $cache_size, cache_inactive => $cache_inactive, cache_max_size => $cache_max_size, + rate_limit => $rate_limit, + rate_limit_key => $rate_limit_key, + rate_limit_zone => $rate_limit_zone, + rate_limit_size => $rate_limit_size, + rate_limit_rate => $rate_limit_rate, x_frame_options => $x_frame_options, require => $certbot ? { true => $ensure ? { |