From: Tom Hughes Date: Sun, 27 Aug 2023 08:50:40 +0000 (+0100) Subject: Apply signup rate limits to the main site X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/64cefa68218b5a5d333a0747e3f3935be098bfcc Apply signup rate limits to the main site --- diff --git a/cookbooks/web/recipes/rails.rb b/cookbooks/web/recipes/rails.rb index 90411d552..90bd16c0a 100644 --- a/cookbooks/web/recipes/rails.rb +++ b/cookbooks/web/recipes/rails.rb @@ -143,6 +143,10 @@ rails_port "www.openstreetmap.org" do trace_image_storage_url "https://openstreetmap-gps-images.s3.dualstack.eu-west-1.amazonaws.com" overpass_url "https://query.openstreetmap.org/query-features" overpass_credentials true + signup_ip_per_day 24 + signup_ip_max_burst 48 + signup_email_per_day 1 + signup_email_max_burst 2 imagery_blacklist [ # Current Google imagery URLs have google or googleapis in the domain ".*\\.google(apis)?\\..*/.*", diff --git a/cookbooks/web/resources/rails_port.rb b/cookbooks/web/resources/rails_port.rb index 34ae01458..385423528 100644 --- a/cookbooks/web/resources/rails_port.rb +++ b/cookbooks/web/resources/rails_port.rb @@ -86,6 +86,10 @@ property :trace_image_storage_url, String property :trace_icon_storage_url, String property :tile_cdn_url, String property :imagery_blacklist, Array +property :signup_ip_per_day, Integer +property :signup_ip_max_burst, Integer +property :signup_email_per_day, Integer +property :signup_email_max_burst, Integer action :create do package %W[ @@ -336,7 +340,11 @@ action :create do "trace_image_storage_url", "trace_icon_storage_url", "tile_cdn_url", - "imagery_blacklist" + "imagery_blacklist", + "signup_ip_per_day", + "signup_ip_max_burst", + "signup_email_per_day", + "signup_email_max_burst" ).compact.merge( "server_protocol" => "https", "server_url" => new_resource.site,