aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lualib/redis_scripts/ratelimit_check.lua5
-rw-r--r--src/plugins/lua/ratelimit.lua5
2 files changed, 9 insertions, 1 deletions
diff --git a/lualib/redis_scripts/ratelimit_check.lua b/lualib/redis_scripts/ratelimit_check.lua
index f24e0daf0..f066610a5 100644
--- a/lualib/redis_scripts/ratelimit_check.lua
+++ b/lualib/redis_scripts/ratelimit_check.lua
@@ -31,6 +31,8 @@ local leak_rate = tonumber(KEYS[3])
local max_burst = tonumber(KEYS[4])
local prefix = KEYS[1]
local enable_dynamic = KEYS[7] == 'true'
+local cache_prefix = KEYS[8]
+local max_cache_size = KEYS[9]
local dynr, dynb, leaked = 0, 0, 0
if not last then
-- New bucket
@@ -83,6 +85,9 @@ if burst + pending > 0 then
burst = burst + pending
if burst > 0 and burst > max_burst * dynb then
+ redis.call('ZREMRANGEBYRANK', cache_prefix, 0, -(max_cache_size + 1))
+ redis.call('ZINCRBY', cache_prefix, 1, prefix)
+
return { 1, tostring(burst - pending), tostring(dynr), tostring(dynb), tostring(leaked) }
end
-- Increase pending if we allow ratelimit
diff --git a/src/plugins/lua/ratelimit.lua b/src/plugins/lua/ratelimit.lua
index 168d8d63a..c0783eac8 100644
--- a/src/plugins/lua/ratelimit.lua
+++ b/src/plugins/lua/ratelimit.lua
@@ -41,6 +41,8 @@ local settings = {
-- Do not check ratelimits for these recipients
whitelisted_rcpts = { 'postmaster', 'mailer-daemon' },
prefix = 'RL',
+ cache_prefix = 'RL_cache_prefix',
+ max_cache_size = 30,
-- If enabled, we apply dynamic rate limiting based on the verdict
dynamic_rate_limit = false,
ham_factor_rate = 1.01,
@@ -455,7 +457,8 @@ local function ratelimit_cb(task)
{ key = value.hash, task = task, is_write = true },
gen_check_cb(pr, bucket, value.name, value.hash),
{ value.hash, tostring(now), tostring(rate), tostring(bucket.burst),
- tostring(settings.expire), tostring(bincr), tostring(dyn_rate_enabled) })
+ tostring(settings.expire), tostring(bincr), tostring(dyn_rate_enabled),
+ settings.cache_prefix, settings.max_cache_size })
end
end
end
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-05 14:34:43 +0000
ption> Nextcloud server, a safe home for all your data: https://github.com/nextcloud/serverwww-data
aboutsummaryrefslogtreecommitdiffstats
path: root/.gitignore
blob: 938ccba254497208ec478925b0735292960a3027 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153

# the default generated dir + db file
/data
/config/config.php
/config/*.config.php
/config/mimetype*.json
/config/mount.php
/apps/inc.php
/assets
/.htaccess
/node_modules
/translationfiles
/translationtool.phar

# ignore all apps except core ones
/apps*/*
!/apps/accessibility
!/apps/cloud_federation_api
!/apps/comments
!/apps/dav
!/apps/files
!/apps/federation
!/apps/federatedfilesharing
!/apps/sharebymail
!/apps/encryption
!/apps/files_external
!/apps/files_sharing
!/apps/files_trashbin
!/apps/files_versions
!/apps/lookup_server_connector
!/apps/user_ldap
!/apps/oauth2
!/apps/provisioning_api
!/apps/systemtags
!/apps/testing
!/apps/admin_audit
!/apps/updatenotification
!/apps/theming
!/apps/twofactor_backupcodes
!/apps/workflowengine
/apps/files_external/3rdparty/irodsphp/PHPUnitTest
/apps/files_external/3rdparty/irodsphp/web
/apps/files_external/3rdparty/irodsphp/prods/test
/apps/files_external/3rdparty/irodsphp/prods/tutorials
/apps/files_external/3rdparty/irodsphp/prods/test*
/apps/files_external/tests/config.*.php

# apps modules
/apps/*/node_modules


# ignore themes except the example and the README
/themes/*
!/themes/example
!/themes/README

# just sane ignores
.*.sw[po]
*.bak
*.BAK
*~
*.orig
*.class
.cvsignore
Thumbs.db
*.py[co]
_darcs/*
CVS/*
.svn/*
RCS/*
*.backup*

# kdevelop
.kdev
*.kdev4
*.kate-swp

# Lokalize
*lokalize*

# eclipse
.project
.settings

# netbeans
nbproject

# phpStorm
.idea
*.iml

# vscode
.vscode

# geany
*.geany

# Cloud9IDE
.settings.xml
.c9revisions

# vim ex mode
.vimrc

# ack(-grep)
.ackrc

# Mac OS
.DS_Store

# WebFinger
.well-known
/.buildpath

# Tests
/tests/phpunit.xml

# Node Modules
/build/node_modules/

# nodejs
/build/bin
/build/lib/
/build/jsdocs/
/npm-debug.log
/PhantomJS_*
/build/package-lock.json

# puphpet
puphpet

# vagrant
.vagrant
Vagrantfile

# Tests - auto-generated files
/data-autotest
/tests/coverage*
/tests/css
/tests/karma-coverage
/tests/autoconfig*
/tests/autotest*
/tests/data/lorem-copy.txt
/tests/data/testimage-copy.png
/tests/ui-regression/out/
/tests/ui-regression/node_modules/
/tests/ui-regression/package-lock.json
/config/config-autotest-backup.php
/config/autoconfig.php
clover.xml

# Tests - dependencies
tests/acceptance/composer.lock
tests/acceptance/vendor/