From: Sarah Hoffmann <lonvia@denofr.de>
Date: Sat, 25 Apr 2020 08:03:00 +0000 (+0200)
Subject: nominatim: add fail2ban filter for rate limited IP
X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/4acd54cbeaa45658a53217b960bed6a57caf80e1?ds=sidebyside

nominatim: add fail2ban filter for rate limited IP
---

diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb
index 04cedf1fe..d89891137 100644
--- a/cookbooks/nominatim/recipes/default.rb
+++ b/cookbooks/nominatim/recipes/default.rb
@@ -401,3 +401,12 @@ directory "#{basedir}/status" do
   group "postgres"
   mode 0o775
 end
+
+include_recipe "fail2ban"
+
+fail2ban_jail "nominatim_limit_req" do
+  filter "nginx-limit-req"
+  logpath "#{node[:nominatim][:logdir]}/nominatim.openstreetmap.org-error.log"
+  ports [80, 443]
+  maxretry 5
+end