diff options
| author | Chocobozzz <me@florianbigard.com> | 2022-10-25 15:48:00 +0200 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2022-10-25 15:48:00 +0200 |
| commit | 216fa9d5793469f2ad958363fb270990fbce3787 (patch) | |
| tree | e50c01aef8e6b5e160fa97552622b8db56f300f6 /support/nginx/peertube | |
| parent | ae7b0cbbcf05f7847dee765d8def9cf91052aec0 (diff) | |
| download | PeerTube-216fa9d5793469f2ad958363fb270990fbce3787.tar.gz PeerTube-216fa9d5793469f2ad958363fb270990fbce3787.tar.zst PeerTube-216fa9d5793469f2ad958363fb270990fbce3787.zip | |
Update nginx template
Add rate limit to download and private static files
Diffstat (limited to 'support/nginx/peertube')
| -rw-r--r-- | support/nginx/peertube | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/support/nginx/peertube b/support/nginx/peertube index cf200ba00..aeeb5a612 100644 --- a/support/nginx/peertube +++ b/support/nginx/peertube | |||
| @@ -214,8 +214,16 @@ server { | |||
| 214 | try_files $uri @api; | 214 | try_files $uri @api; |
| 215 | } | 215 | } |
| 216 | 216 | ||
| 217 | location ~ ^/static/(webseed|streaming-playlists)/private/ { | 217 | location ~ ^(/static/(webseed|streaming-playlists)/private/)|^/download { |
| 218 | try_files /dev/null @api; | 218 | # We can't rate limit a try_files directive, so we need to duplicate @api |
| 219 | |||
| 220 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| 221 | proxy_set_header Host $host; | ||
| 222 | proxy_set_header X-Real-IP $remote_addr; | ||
| 223 | |||
| 224 | proxy_limit_rate 5M; | ||
| 225 | |||
| 226 | proxy_pass http://backend; | ||
| 219 | } | 227 | } |
| 220 | 228 | ||
| 221 | # Bypass PeerTube for performance reasons. Optional. | 229 | # Bypass PeerTube for performance reasons. Optional. |
| @@ -231,9 +239,9 @@ server { | |||
| 231 | } | 239 | } |
| 232 | 240 | ||
| 233 | # Use this line with nginx >= 1.17.0 | 241 | # Use this line with nginx >= 1.17.0 |
| 234 | #limit_rate $peertube_limit_rate; | 242 | limit_rate $peertube_limit_rate; |
| 235 | # Or this line if your nginx < 1.17.0 | 243 | # Or this line with nginx < 1.17.0 |
| 236 | set $limit_rate $peertube_limit_rate; | 244 | # set $limit_rate $peertube_limit_rate; |
| 237 | 245 | ||
| 238 | if ($request_method = 'OPTIONS') { | 246 | if ($request_method = 'OPTIONS') { |
| 239 | add_header Access-Control-Allow-Origin '*'; | 247 | add_header Access-Control-Allow-Origin '*'; |