]> git.openstreetmap.org Git - chef.git/commitdiff
nominatim: add fail2ban filter for rate limited IP
authorSarah Hoffmann <lonvia@denofr.de>
Sat, 25 Apr 2020 08:03:00 +0000 (10:03 +0200)
committerSarah Hoffmann <lonvia@denofr.de>
Sat, 25 Apr 2020 08:03:00 +0000 (10:03 +0200)
cookbooks/nominatim/recipes/default.rb

index 04cedf1fea5dbd344b2bd3ca2f15cc6ff2d00a06..d898911370d818bad0514a8ad6245bd2df17b283 100644 (file)
@@ -401,3 +401,12 @@ directory "#{basedir}/status" do
   group "postgres"
   mode 0o775
 end
   group "postgres"
   mode 0o775
 end
+
+include_recipe "fail2ban"
+
+fail2ban_jail "nominatim_limit_req" do
+  filter "nginx-limit-req"
+  logpath "#{node[:nominatim][:logdir]}/nominatim.openstreetmap.org-error.log"
+  ports [80, 443]
+  maxretry 5
+end