make sure

This commit is contained in:
Ivaylo Novakov 2022-03-14 18:03:08 +01:00
parent 0e793f3456
commit a3a5d6fa88
No known key found for this signature in database
GPG Key ID: 06B9354AB08BE9C6
1 changed files with 75 additions and 77 deletions

View File

@ -25,87 +25,85 @@ set $skynet_proof '';
set $limit_rate 0; set $limit_rate 0;
access_by_lua_block { access_by_lua_block {
if require("skynet.account").accounts_enabled() then -- if require("skynet.account").accounts_enabled() then
-- check if portal is in authenticated only mode -- -- check if portal is in authenticated only mode
if require("skynet.account").is_access_unauthorized() then -- if require("skynet.account").is_access_unauthorized() then
return require("skynet.account").exit_access_unauthorized() -- return require("skynet.account").exit_access_unauthorized()
end -- end
--
-- check if portal is in subscription only mode -- -- check if portal is in subscription only mode
if require("skynet.account").is_access_forbidden() then -- if require("skynet.account").is_access_forbidden() then
return require("skynet.account").exit_access_forbidden() -- return require("skynet.account").exit_access_forbidden()
end -- end
--
-- get account limits of currently authenticated user -- -- get account limits of currently authenticated user
local limits = require("skynet.account").get_account_limits() -- local limits = require("skynet.account").get_account_limits()
--
-- apply download speed limit -- -- apply download speed limit
ngx.var.limit_rate = limits.download -- ngx.var.limit_rate = limits.download
end -- end
-- -- the block below only makes sense if we are using nginx cache
-- if not ngx.var.skyd_disk_cache_enabled then
-- local httpc = require("resty.http").new()
--
-- -- detect whether requested skylink is v2
-- local isBase32v2 = string.len(ngx.var.skylink) == 55 and string.sub(ngx.var.skylink, 0, 2) == "04"
-- local isBase64v2 = string.len(ngx.var.skylink) == 46 and string.sub(ngx.var.skylink, 0, 2) == "AQ"
--
-- if isBase32v2 or isBase64v2 then
-- -- 10.10.10.10 points to sia service (alias not available when using resty-http)
-- local res, err = httpc:request_uri("http://10.10.10.10:9980/skynet/resolve/" .. ngx.var.skylink_v2, {
-- headers = { ["User-Agent"] = "Sia-Agent" }
-- })
--
-- -- print error and exit with 500 or exit with response if status is not 200
-- if err or (res and res.status ~= ngx.HTTP_OK) then
-- ngx.status = (err and ngx.HTTP_INTERNAL_SERVER_ERROR) or res.status
-- ngx.header["content-type"] = "text/plain"
-- ngx.say(err or res.body)
-- return ngx.exit(ngx.status)
-- end
--
-- local json = require('cjson')
-- local resolve = json.decode(res.body)
-- ngx.var.skylink_v1 = resolve.skylink
-- ngx.var.skynet_proof = res.headers["Skynet-Proof"]
-- end
--
-- -- check if skylink v1 is present on blocklist (compare hashes)
-- if require("skynet.blocklist").is_blocked(ngx.var.skylink_v1) then
-- return require("skynet.blocklist").exit_illegal()
-- end
--
-- -- if skylink is found on nocache list then set internal nocache variable
-- -- to tell nginx that it should not try and cache this file (too large)
-- if ngx.shared.nocache:get(ngx.var.skylink_v1) then
-- ngx.var.nocache = "1"
-- end
-- end
} }
### -- the block below only makes sense if we are using nginx cache
### if not ngx.var.skyd_disk_cache_enabled then
### local httpc = require("resty.http").new()
###
### -- detect whether requested skylink is v2
### local isBase32v2 = string.len(ngx.var.skylink) == 55 and string.sub(ngx.var.skylink, 0, 2) == "04"
### local isBase64v2 = string.len(ngx.var.skylink) == 46 and string.sub(ngx.var.skylink, 0, 2) == "AQ"
###
### if isBase32v2 or isBase64v2 then
### -- 10.10.10.10 points to sia service (alias not available when using resty-http)
### local res, err = httpc:request_uri("http://10.10.10.10:9980/skynet/resolve/" .. ngx.var.skylink_v2, {
### headers = { ["User-Agent"] = "Sia-Agent" }
### })
###
### -- print error and exit with 500 or exit with response if status is not 200
### if err or (res and res.status ~= ngx.HTTP_OK) then
### ngx.status = (err and ngx.HTTP_INTERNAL_SERVER_ERROR) or res.status
### ngx.header["content-type"] = "text/plain"
### ngx.say(err or res.body)
### return ngx.exit(ngx.status)
### end
###
### local json = require('cjson')
### local resolve = json.decode(res.body)
### ngx.var.skylink_v1 = resolve.skylink
### ngx.var.skynet_proof = res.headers["Skynet-Proof"]
### end
###
### -- check if skylink v1 is present on blocklist (compare hashes)
### if require("skynet.blocklist").is_blocked(ngx.var.skylink_v1) then
### return require("skynet.blocklist").exit_illegal()
### end
###
### -- if skylink is found on nocache list then set internal nocache variable
### -- to tell nginx that it should not try and cache this file (too large)
### if ngx.shared.nocache:get(ngx.var.skylink_v1) then
### ngx.var.nocache = "1"
### end
### end
header_filter_by_lua_block { header_filter_by_lua_block {
-- ngx.header["Skynet-Portal-Api"] = ngx.var.scheme .. "://" .. ngx.var.skynet_portal_domain
-- ngx.header["Skynet-Server-Api"] = ngx.var.scheme .. "://" .. ngx.var.skynet_server_domain
--
-- -- the block below only makes sense if we are using nginx cache
-- if not ngx.var.skyd_disk_cache_enabled then
-- -- not empty skynet_proof means this is a skylink v2 request
-- -- so we should replace the Skynet-Proof header with the one
-- -- we got from /skynet/resolve/ endpoint, otherwise we would
-- -- be serving cached empty v1 skylink Skynet-Proof header
-- if ngx.var.skynet_proof and ngx.var.skynet_proof ~= "" then
-- ngx.header["Skynet-Proof"] = ngx.var.skynet_proof
-- end
--
-- -- add skylink to nocache list if it exceeds 1GB (1e+9 bytes) threshold
-- -- (content length can be nil for already cached files - we can ignore them)
-- if ngx.header["Content-Length"] and tonumber(ngx.header["Content-Length"]) > 1e+9 then
-- ngx.shared.nocache:set(ngx.var.skylink_v1, ngx.header["Content-Length"])
-- end
-- end
} }
### ngx.header["Skynet-Portal-Api"] = ngx.var.scheme .. "://" .. ngx.var.skynet_portal_domain
### ngx.header["Skynet-Server-Api"] = ngx.var.scheme .. "://" .. ngx.var.skynet_server_domain
###
### -- the block below only makes sense if we are using nginx cache
### if not ngx.var.skyd_disk_cache_enabled then
### -- not empty skynet_proof means this is a skylink v2 request
### -- so we should replace the Skynet-Proof header with the one
### -- we got from /skynet/resolve/ endpoint, otherwise we would
### -- be serving cached empty v1 skylink Skynet-Proof header
### if ngx.var.skynet_proof and ngx.var.skynet_proof ~= "" then
### ngx.header["Skynet-Proof"] = ngx.var.skynet_proof
### end
###
### -- add skylink to nocache list if it exceeds 1GB (1e+9 bytes) threshold
### -- (content length can be nil for already cached files - we can ignore them)
### if ngx.header["Content-Length"] and tonumber(ngx.header["Content-Length"]) > 1e+9 then
### ngx.shared.nocache:set(ngx.var.skylink_v1, ngx.header["Content-Length"])
### end
### end
limit_rate_after 512k; limit_rate_after 512k;
limit_rate $limit_rate; limit_rate $limit_rate;