npm - @abtnode/router-provider - Versions diffs - 1.7.9 → 1.7.12 - Mend

@abtnode/router-provider 1.7.9 → 1.7.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/lib/nginx/includes/proxy CHANGED Viewed

@@ -15,3 +15,5 @@ proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection $connection_upgrade;
 proxy_read_timeout 3600;
+proxy_pass_header server;

package/lib/nginx/index.js CHANGED Viewed

@@ -126,7 +126,14 @@ class NginxProvider extends BaseProvider {
     this.initialize();
   }
-  async update({ routingTable = [], certificates = [], globalHeaders, services = [], nodeInfo = {} } = {}) {
+  async update({
+    routingTable = [],
+    certificates = [],
+    commonHeaders,
+    services = [],
+    nodeInfo = {},
+    requestLimit,
+  } = {}) {
     if (!Array.isArray(routingTable)) {
       throw new Error('routingTable must be an array');
     }
@@ -163,8 +170,11 @@ class NginxProvider extends BaseProvider {
         this._addCorsMap(conf, siteCorsConfigs);
         conf.nginx.http._add('server_tokens', 'off');
-        this._addGlobalHeaders(conf, globalHeaders);
+        this._addCommonResHeaders(conf.nginx.http, commonHeaders);
         this._addExposeServices(conf, services);
+        if (requestLimit && requestLimit.enabled) {
+          this.addGlobalReqLimit(conf.nginx.http, requestLimit);
+        }
         logger.info('routing sites:', sites);
         // eslint-disable-next-line no-restricted-syntax
@@ -191,6 +201,7 @@ class NginxProvider extends BaseProvider {
               serverName: parsedServerName,
               corsAllowedOrigins,
               daemonPort: nodeInfo.port,
+              commonHeaders,
             });
           } else {
             this._addHttpServer({
@@ -200,6 +211,7 @@ class NginxProvider extends BaseProvider {
               corsAllowedOrigins,
               port,
               daemonPort: nodeInfo.port,
+              commonHeaders,
             });
           }
         }
@@ -380,6 +392,7 @@ class NginxProvider extends BaseProvider {
     target,
     ruleId,
     type,
+    commonHeaders,
   }) {
     server._add('location', concatPath(prefix, suffix));
@@ -402,6 +415,7 @@ class NginxProvider extends BaseProvider {
       location._add('include', 'includes/security');
     }
+    this._addCommonResHeaders(location, commonHeaders);
     this._addTailSlashRedirection(location, prefix); // Note: 末尾 "/" 的重定向要放在 CORS(OPTIONS) 响应之后, 这样不会影响 OPTIONS 的响应
     if (did) {
@@ -618,13 +632,13 @@ class NginxProvider extends BaseProvider {
     }
   }
-  _addGlobalHeaders(conf, headers) {
+  _addCommonResHeaders(block, headers) {
     if (!headers || Object.prototype.toString.call(headers) !== '[object Object]') {
       return;
     }
     Object.keys(headers).forEach((key) => {
-      conf.nginx.http._add('add_header', `${key} ${headers[key]}`);
+      block._add('add_header', `${key} ${headers[key]}`);
     });
   }
@@ -656,14 +670,14 @@ class NginxProvider extends BaseProvider {
       : conf.nginx.stream.server;
   }
-  _addHttpServer({ locations = [], serverName, conf, corsAllowedOrigins, port, daemonPort }) {
+  _addHttpServer({ locations = [], serverName, conf, corsAllowedOrigins, port, daemonPort, commonHeaders }) {
     const httpServerUnit = this._addHttpServerUnit({ conf, serverName, port });
     this._addDefaultLocations(httpServerUnit, daemonPort);
     // eslint-disable-next-line max-len
-    locations.forEach((x) => this._addReverseProxy({ server: httpServerUnit, ...x, serverName, corsAllowedOrigins })); // prettier-ignore
+    locations.forEach((x) => this._addReverseProxy({ server: httpServerUnit, ...x, serverName, corsAllowedOrigins, commonHeaders })); // prettier-ignore
   }
-  _addHttpsServer({ conf, locations, certificateFileName, serverName, corsAllowedOrigins, daemonPort }) {
+  _addHttpsServer({ conf, locations, certificateFileName, serverName, corsAllowedOrigins, daemonPort, commonHeaders }) {
     const httpsServerUnit = this._addHttpsServerUnit({ conf, serverName, certificateFileName });
     const httpServerUnit = this._addHttpServerUnit({ conf, serverName });
@@ -671,7 +685,7 @@ class NginxProvider extends BaseProvider {
     this._addDefaultLocations(httpsServerUnit, daemonPort);
     // eslint-disable-next-line max-len
-    locations.forEach((x) => this._addReverseProxy({ server: httpsServerUnit, ...x, serverName, corsAllowedOrigins })); // prettier-ignore
+    locations.forEach((x) => this._addReverseProxy({ server: httpsServerUnit, ...x, serverName, corsAllowedOrigins,commonHeaders })); // prettier-ignore
   }
   _addHttpServerUnit({ conf, serverName, port }) {
@@ -758,6 +772,13 @@ class NginxProvider extends BaseProvider {
     });
   }
+  addGlobalReqLimit(block, limit) {
+    const key = limit.ipHeader ? `$http_${limit.ipHeader}` : '$binary_remote_addr';
+    block._add('limit_req_zone', `${key} zone=ip_limit:20m rate=${limit.rate || 5}r/s`);
+    block._add('limit_req', `zone=ip_limit burst=${limit.maxInstantRate || 30} delay=10`);
+    block._add('limit_req_status', 429);
+  }
   getLogFilesForToday() {
     return {
       access: this.accessLog,

package/lib/nginx/util.js CHANGED Viewed

@@ -12,7 +12,7 @@ const { MAX_UPLOAD_FILE_SIZE } = require('@abtnode/constant');
 const logger = require('@abtnode/logger')('router:nginx:util');
-const WORKER_CONNECTIONS = 1000 * 10; // 10K
+const MAX_WORKER_CONNECTIONS = 10240;
 const CLIENT_MAX_BODY_SIZE = process.env.MAX_UPLOAD_FILE_SIZE || MAX_UPLOAD_FILE_SIZE;
 const formatError = (errStr) => {
@@ -130,6 +130,17 @@ const getUserGroup = (username) => {
   return res.stdout.trim();
 };
+const getWorkerConnectionCount = (maxWorkerConnections, workerProcess) => {
+  const { stdout, code } = shelljs.exec('ulimit -n', { silent: true });
+  if (code !== 0) {
+    return maxWorkerConnections;
+  }
+  const ulimit = Number(stdout.trim());
+  return Math.min(maxWorkerConnections, Math.floor(ulimit / workerProcess));
+};
 const getMainTemplate = ({
   logDir,
   tmpDir,
@@ -145,7 +156,7 @@ user ${os.userInfo().username} ${getUserGroup(os.userInfo().username)};
 pid nginx.pid;
 events {
-    worker_connections  ${WORKER_CONNECTIONS};
+    worker_connections  ${getWorkerConnectionCount(MAX_WORKER_CONNECTIONS, workerProcess)};
 }
 http {
@@ -270,4 +281,5 @@ module.exports = {
   getNginxStatus,
   rotateNginxLogFile,
   getUserGroup,
+  getWorkerConnectionCount,
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@abtnode/router-provider",
-  "version": "1.7.9",
+  "version": "1.7.12",
   "description": "Routing engine implementations for abt node",
   "author": "polunzh <polunzh@gmail.com>",
   "homepage": "https://github.com/ArcBlock/blocklet-server#readme",
@@ -32,10 +32,10 @@
     "url": "https://github.com/ArcBlock/blocklet-server/issues"
   },
   "dependencies": {
-    "@abtnode/constant": "1.7.9",
-    "@abtnode/logger": "1.7.9",
-    "@abtnode/router-templates": "1.7.9",
-    "@abtnode/util": "1.7.9",
+    "@abtnode/constant": "1.7.12",
+    "@abtnode/logger": "1.7.12",
+    "@abtnode/router-templates": "1.7.12",
+    "@abtnode/util": "1.7.12",
     "axios": "^0.26.1",
     "debug": "^4.3.3",
     "find-process": "^1.4.3",
@@ -62,5 +62,5 @@
     "fs-extra": "^10.0.1",
     "needle": "^3.0.0"
   },
-  "gitHead": "285f4fedd41fcb8e1814ce5d8250ac10616e67e0"
+  "gitHead": "afc78b9cb92448676149262fb02432bc256a5524"
 }