include /etc/nginx/conf.d/include/cors; include /etc/nginx/conf.d/include/proxy-buffer; include /etc/nginx/conf.d/include/track-download; limit_conn downloads_by_ip 100; # ddos protection: max 100 downloads at a time # ensure that skylink that we pass around is base64 encoded (transform base32 encoded ones) # this is important because we want only one format in cache keys and logs set_by_lua_block $skylink { return require("skynet.skylink").parse(ngx.var.skylink) } # default download rate to unlimited set $limit_rate 0; access_by_lua_block { if require("skynet.account").accounts_enabled() then -- check if portal is in authenticated only mode if require("skynet.account").is_access_unauthorized() then return require("skynet.account").exit_access_unauthorized() end -- check if portal is in subscription only mode if require("skynet.account").is_access_forbidden() then return require("skynet.account").exit_access_forbidden() end -- get account limits of currently authenticated user local limits = require("skynet.account").get_account_limits() -- apply download speed limit ngx.var.limit_rate = limits.download end } limit_rate_after 512k; limit_rate $limit_rate; proxy_read_timeout 600; proxy_set_header User-Agent: Sia-Agent; proxy_pass http://sia:9980/skynet/skylink/$skylink$path$is_args$args;