mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-11-17 20:54:57 +00:00
Exempt Matrix server from ntfy rate limit (#2135)
* Exempt Matrix server from ntfy rate limit Add the matrix fqdn and localhost to ntfy's exemption list. Also allow all ntfy rate limits to be configured through Ansible variables. * Fix names and formatting * fixes * tabs not spaces * Lint * Use raw tags instead of bracket soup
This commit is contained in:
parent
9c0cf5481a
commit
140acfcc5f
@ -14,6 +14,14 @@ matrix_ntfy_docker_image_force_pull: "{{ matrix_ntfy_docker_image.endswith(':lat
|
|||||||
# Public facing base URL of the ntfy service
|
# Public facing base URL of the ntfy service
|
||||||
matrix_ntfy_base_url: "https://{{ matrix_server_fqn_ntfy }}"
|
matrix_ntfy_base_url: "https://{{ matrix_server_fqn_ntfy }}"
|
||||||
|
|
||||||
|
# Rate limits
|
||||||
|
|
||||||
|
matrix_ntfy_global_topic_limit: 15000 # default
|
||||||
|
matrix_ntfy_visitor_subscription_limit: 30 # default
|
||||||
|
matrix_ntfy_visitor_request_limit_burst: 60 # default
|
||||||
|
matrix_ntfy_visitor_request_limit_replenish: "5s" # default
|
||||||
|
|
||||||
|
|
||||||
# Controls whether the container exposes its HTTP port (tcp/80 in the container).
|
# Controls whether the container exposes its HTTP port (tcp/80 in the container).
|
||||||
#
|
#
|
||||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:2586"), or empty string to not expose.
|
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:2586"), or empty string to not expose.
|
||||||
|
@ -2,3 +2,10 @@ base_url: {{ matrix_ntfy_base_url }}
|
|||||||
behind_proxy: true
|
behind_proxy: true
|
||||||
cache_file: /data/cache.db
|
cache_file: /data/cache.db
|
||||||
listen-http: :8080
|
listen-http: :8080
|
||||||
|
|
||||||
|
# Rate Limits
|
||||||
|
global-topic-limit: {{ matrix_ntfy_global_topic_limit | to_json }}
|
||||||
|
visitor-subscription-limit: {{ matrix_ntfy_visitor_subscription_limit | to_json }}
|
||||||
|
|
||||||
|
visitor-request-limit-burst: {{ matrix_ntfy_visitor_request_limit_burst | to_json }}
|
||||||
|
visitor-request-limit-replenish: "{{ matrix_ntfy_visitor_request_limit_replenish }}"
|
||||||
|
@ -11,11 +11,12 @@ Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
|||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true'
|
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true'
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true'
|
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true'
|
||||||
|
|
||||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ntfy \
|
ExecStart={{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ntfy \
|
||||||
--log-driver=none \
|
--log-driver=none \
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||||
--cap-drop=ALL \
|
--cap-drop=ALL \
|
||||||
--read-only \
|
--read-only \
|
||||||
|
--env NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS={{matrix_server_fqn_matrix}},localhost,$(docker network inspect {{matrix_docker_network}} -f "{% raw %}{{ (index .IPAM.Config 0).Subnet }}{% endraw %}") \
|
||||||
{% for arg in matrix_ntfy_container_extra_arguments %}
|
{% for arg in matrix_ntfy_container_extra_arguments %}
|
||||||
{{ arg }} \
|
{{ arg }} \
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
@ -26,7 +27,7 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name
|
|||||||
--mount type=bind,src={{ matrix_ntfy_config_dir_path }},dst=/etc/ntfy,ro \
|
--mount type=bind,src={{ matrix_ntfy_config_dir_path }},dst=/etc/ntfy,ro \
|
||||||
--mount type=bind,src={{ matrix_ntfy_data_path }},dst=/data \
|
--mount type=bind,src={{ matrix_ntfy_data_path }},dst=/data \
|
||||||
{{ matrix_ntfy_docker_image }} \
|
{{ matrix_ntfy_docker_image }} \
|
||||||
serve
|
serve'
|
||||||
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true'
|
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true'
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true'
|
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true'
|
||||||
|
Loading…
Reference in New Issue
Block a user