2021-08-05 12:34:00 +00:00
|
|
|
include /etc/nginx/conf.d/include/cors;
|
|
|
|
include /etc/nginx/conf.d/include/sia-auth;
|
|
|
|
include /etc/nginx/conf.d/include/track-registry;
|
|
|
|
|
|
|
|
limit_req zone=registry_access_by_ip burst=600 nodelay;
|
|
|
|
limit_req zone=registry_access_by_ip_throttled burst=200 nodelay;
|
|
|
|
|
|
|
|
proxy_set_header User-Agent: Sia-Agent;
|
|
|
|
proxy_read_timeout 600; # siad should timeout with 404 after 5 minutes
|
2021-08-27 12:15:22 +00:00
|
|
|
proxy_pass http://sia:9980/skynet/registry;
|
2021-08-05 12:34:00 +00:00
|
|
|
|
|
|
|
access_by_lua_block {
|
|
|
|
-- this block runs only when accounts are enabled
|
|
|
|
if os.getenv("ACCOUNTS_ENABLED") ~= "true" then return end
|
|
|
|
|
2021-08-27 12:15:22 +00:00
|
|
|
local httpc = require("resty.http").new()
|
|
|
|
|
|
|
|
-- 10.10.10.70 points to accounts service (alias not available when using resty-http)
|
|
|
|
local res, err = httpc:request_uri("http://10.10.10.70:3000/user/limits", {
|
2021-08-27 16:33:27 +00:00
|
|
|
headers = { ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt }
|
2021-08-27 12:15:22 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
-- fail gracefully in case /user/limits failed
|
|
|
|
if err or (res and res.status ~= ngx.HTTP_OK) then
|
|
|
|
ngx.log(ngx.ERR, "Failed accounts service request /user/limits: ", err or ("[HTTP " .. res.status .. "] " .. res.body))
|
|
|
|
elseif res and res.status == ngx.HTTP_OK then
|
2021-08-05 12:34:00 +00:00
|
|
|
local json = require('cjson')
|
|
|
|
local limits = json.decode(res.body)
|
|
|
|
if limits.registry > 0 then
|
|
|
|
ngx.sleep(limits.registry / 1000)
|
|
|
|
end
|
|
|
|
end
|
2021-08-05 12:46:04 +00:00
|
|
|
}
|