mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-07 18:14:35 +00:00
4e9414ba6e
* PHRAS-3588 manage http request limits by verbs * PHRAS-3588 change limit method * re-introduce burst parameters * PHRAS-3588 add activation boolean * applying auto-documentation format for env var
96 lines
2.7 KiB
Plaintext
96 lines
2.7 KiB
Plaintext
|
|
send_timeout $GATEWAY_SEND_TIMEOUT;
|
|
keepalive_timeout $GATEWAY_SEND_TIMEOUT;
|
|
proxy_connect_timeout $GATEWAY_PROXY_TIMEOUT;
|
|
proxy_send_timeout $GATEWAY_PROXY_TIMEOUT;
|
|
client_header_timeout $GATEWAY_SEND_TIMEOUT;
|
|
client_body_timeout $GATEWAY_SEND_TIMEOUT;
|
|
fastcgi_read_timeout $GATEWAY_FASTCGI_TIMEOUT;
|
|
|
|
map $request_method $postlimit {
|
|
default "";
|
|
POST $binary_remote_addr;
|
|
}
|
|
|
|
map $request_method $getlimit {
|
|
default "";
|
|
GET $binary_remote_addr;
|
|
}
|
|
|
|
limit_req_status 429;
|
|
limit_req_zone $getlimit zone=readlimitsbyip:$HTTP_READ_REQUEST_LIMIT_MEMORYm rate=$HTTP_READ_REQUEST_LIMIT_RATEr/s;
|
|
limit_req_zone $postlimit zone=writelimitsbyip:$HTTP_WRITE_REQUEST_LIMIT_MEMORYm rate=$HTTP_WRITE_REQUEST_LIMIT_RATEr/s;
|
|
resolver $NEW_RESOLVER;
|
|
|
|
upstream backend {
|
|
server phraseanet:9000;
|
|
}
|
|
|
|
#upstream samlsp {
|
|
# server phraseanet-saml-sp:8080;
|
|
#}
|
|
|
|
server {
|
|
listen 80;
|
|
root /var/alchemy/Phraseanet/www;
|
|
|
|
index index.php;
|
|
client_max_body_size $MAX_BODY_SIZE;
|
|
|
|
location /api {
|
|
if (-f /var/alchemy/Phraseanet/datas/nginx/maintenance.html) {
|
|
return 503;
|
|
}
|
|
rewrite ^(.*)$ /api.php/$1 last;
|
|
}
|
|
|
|
location / {
|
|
|
|
error_page 503 = @maintenance;
|
|
recursive_error_pages on;
|
|
if (-f /var/alchemy/Phraseanet/datas/nginx/maintenance.html) {
|
|
return 503;
|
|
}
|
|
# First attempt to serve request as file, then
|
|
# as directory, then fall back to index.html
|
|
try_files $uri $uri/ @rewriteapp;
|
|
limit_req zone=readlimitsbyip burst=$HTTP_READ_REQUEST_LIMIT_BURST nodelay;
|
|
limit_req zone=writelimitsbyip burst=$HTTP_WRITE_REQUEST_LIMIT_BURST nodelay;
|
|
}
|
|
|
|
location @rewriteapp {
|
|
rewrite ^(.*)$ /index.php/$1 last;
|
|
}
|
|
|
|
# PHP scripts -> PHP-FPM server listening on 127.0.0.1:9000
|
|
location ~ ^/(index|index_dev|api)\.php(/|$) {
|
|
fastcgi_pass backend;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
include fastcgi_params;
|
|
$GATEWAY_FASTCGI_HTTPS
|
|
include restrictions;
|
|
}
|
|
|
|
location ~ ^/(status|ping)$ {
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
fastcgi_index index.php;
|
|
include fastcgi_params;
|
|
include fastcgi_extended_params;
|
|
fastcgi_pass backend;
|
|
}
|
|
|
|
location /simplesaml/ {
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
set $target $NEW_TARGET:8080;
|
|
proxy_pass http://$target;
|
|
|
|
}
|
|
|
|
location @maintenance {
|
|
root /var/alchemy/Phraseanet/datas/nginx/;
|
|
try_files $uri /maintenance.html;
|
|
}
|
|
}
|