From: Sarah Hoffmann <lonvia@denofr.de>
Date: Sun, 28 Feb 2021 10:00:30 +0000 (+0100)
Subject: nominatim: be a bit more lenient before banning
X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/440743879646b28a9fc271d04c6be6fe6ae74606

nominatim: be a bit more lenient before banning
---

diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb
index 3e547c1ea..6946918f1 100644
--- a/cookbooks/nominatim/recipes/default.rb
+++ b/cookbooks/nominatim/recipes/default.rb
@@ -466,6 +466,6 @@ fail2ban_jail "nominatim_limit_req" do
   filter "nginx-limit-req"
   logpath "#{node[:nominatim][:logdir]}/nominatim.openstreetmap.org-error.log"
   ports [80, 443]
-  maxretry 5
+  maxretry 20
   ignoreips frontend_addresses.flatten.sort
 end
diff --git a/cookbooks/nominatim/templates/default/nginx.erb b/cookbooks/nominatim/templates/default/nginx.erb
index a44e9382c..1aae26e42 100644
--- a/cookbooks/nominatim/templates/default/nginx.erb
+++ b/cookbooks/nominatim/templates/default/nginx.erb
@@ -178,7 +178,7 @@ server {
         include <%= @confdir %>/nginx_blocked_generic.conf;
 
         limit_req zone=www burst=10;
-        limit_req zone=tarpit burst=2;
+        limit_req zone=tarpit burst=5;
         limit_req zone=reverse burst=5;
         limit_req_status 429;
         fastcgi_pass nominatim_service;