From e0520de05e3edcb2a1abc6d613f87f2cb7a0da68 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 11 Nov 2021 16:59:51 +0100 Subject: [PATCH 1/2] introduce hard upload limits --- docker/nginx/conf.d/server/server.api | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 389a2d7f..34dca82e 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -139,7 +139,7 @@ location /skynet/skyfile { limit_req zone=uploads_by_ip burst=100 nodelay; limit_req zone=uploads_by_ip_throttled; - limit_conn upload_conn 10; + limit_conn upload_conn 2; limit_conn upload_conn_rl 1; client_max_body_size 1000M; # make sure to limit the size of upload to a sane value @@ -174,6 +174,12 @@ location /skynet/tus { include /etc/nginx/conf.d/include/cors-headers; # include cors headers but do not overwrite OPTIONS response include /etc/nginx/conf.d/include/track-upload; + limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip_throttled; + + limit_conn upload_conn 2; + limit_conn upload_conn_rl 1; + # TUS chunks size is 40M + leaving 10M of breathing room client_max_body_size 50M; @@ -239,6 +245,12 @@ location /skynet/pin { include /etc/nginx/conf.d/include/track-upload; include /etc/nginx/conf.d/include/generate-siapath; + limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip_throttled; + + limit_conn upload_conn 2; + limit_conn upload_conn_rl 1; + proxy_set_header User-Agent: Sia-Agent; proxy_pass http://sia:9980$uri?siapath=$dir1/$dir2/$dir3&$args; } From c0eb41d10d77e8a151f5c36a1b009e4c2a085661 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 11 Nov 2021 17:17:53 +0100 Subject: [PATCH 2/2] Set burst to 2. --- docker/nginx/conf.d/server/server.api | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 34dca82e..01de2ad5 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -136,7 +136,7 @@ location /skynet/skyfile { include /etc/nginx/conf.d/include/track-upload; include /etc/nginx/conf.d/include/generate-siapath; - limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip burst=2 nodelay; limit_req zone=uploads_by_ip_throttled; limit_conn upload_conn 2; @@ -174,7 +174,7 @@ location /skynet/tus { include /etc/nginx/conf.d/include/cors-headers; # include cors headers but do not overwrite OPTIONS response include /etc/nginx/conf.d/include/track-upload; - limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip burst=2 nodelay; limit_req zone=uploads_by_ip_throttled; limit_conn upload_conn 2; @@ -245,7 +245,7 @@ location /skynet/pin { include /etc/nginx/conf.d/include/track-upload; include /etc/nginx/conf.d/include/generate-siapath; - limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip burst=2 nodelay; limit_req zone=uploads_by_ip_throttled; limit_conn upload_conn 2;