@abtnode/router-provider 1.7.9 → 1.7.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -15,3 +15,5 @@ proxy_set_header Upgrade $http_upgrade;
15
15
  proxy_set_header Connection $connection_upgrade;
16
16
 
17
17
  proxy_read_timeout 3600;
18
+
19
+ proxy_pass_header server;
@@ -126,7 +126,14 @@ class NginxProvider extends BaseProvider {
126
126
  this.initialize();
127
127
  }
128
128
 
129
- async update({ routingTable = [], certificates = [], globalHeaders, services = [], nodeInfo = {} } = {}) {
129
+ async update({
130
+ routingTable = [],
131
+ certificates = [],
132
+ commonHeaders,
133
+ services = [],
134
+ nodeInfo = {},
135
+ requestLimit,
136
+ } = {}) {
130
137
  if (!Array.isArray(routingTable)) {
131
138
  throw new Error('routingTable must be an array');
132
139
  }
@@ -163,8 +170,11 @@ class NginxProvider extends BaseProvider {
163
170
 
164
171
  this._addCorsMap(conf, siteCorsConfigs);
165
172
  conf.nginx.http._add('server_tokens', 'off');
166
- this._addGlobalHeaders(conf, globalHeaders);
173
+ this._addCommonResHeaders(conf.nginx.http, commonHeaders);
167
174
  this._addExposeServices(conf, services);
175
+ if (requestLimit && requestLimit.enabled) {
176
+ this.addGlobalReqLimit(conf.nginx.http, requestLimit);
177
+ }
168
178
 
169
179
  logger.info('routing sites:', sites);
170
180
  // eslint-disable-next-line no-restricted-syntax
@@ -191,6 +201,7 @@ class NginxProvider extends BaseProvider {
191
201
  serverName: parsedServerName,
192
202
  corsAllowedOrigins,
193
203
  daemonPort: nodeInfo.port,
204
+ commonHeaders,
194
205
  });
195
206
  } else {
196
207
  this._addHttpServer({
@@ -200,6 +211,7 @@ class NginxProvider extends BaseProvider {
200
211
  corsAllowedOrigins,
201
212
  port,
202
213
  daemonPort: nodeInfo.port,
214
+ commonHeaders,
203
215
  });
204
216
  }
205
217
  }
@@ -380,6 +392,7 @@ class NginxProvider extends BaseProvider {
380
392
  target,
381
393
  ruleId,
382
394
  type,
395
+ commonHeaders,
383
396
  }) {
384
397
  server._add('location', concatPath(prefix, suffix));
385
398
 
@@ -402,6 +415,7 @@ class NginxProvider extends BaseProvider {
402
415
  location._add('include', 'includes/security');
403
416
  }
404
417
 
418
+ this._addCommonResHeaders(location, commonHeaders);
405
419
  this._addTailSlashRedirection(location, prefix); // Note: 末尾 "/" 的重定向要放在 CORS(OPTIONS) 响应之后, 这样不会影响 OPTIONS 的响应
406
420
 
407
421
  if (did) {
@@ -618,13 +632,13 @@ class NginxProvider extends BaseProvider {
618
632
  }
619
633
  }
620
634
 
621
- _addGlobalHeaders(conf, headers) {
635
+ _addCommonResHeaders(block, headers) {
622
636
  if (!headers || Object.prototype.toString.call(headers) !== '[object Object]') {
623
637
  return;
624
638
  }
625
639
 
626
640
  Object.keys(headers).forEach((key) => {
627
- conf.nginx.http._add('add_header', `${key} ${headers[key]}`);
641
+ block._add('add_header', `${key} ${headers[key]}`);
628
642
  });
629
643
  }
630
644
 
@@ -656,14 +670,14 @@ class NginxProvider extends BaseProvider {
656
670
  : conf.nginx.stream.server;
657
671
  }
658
672
 
659
- _addHttpServer({ locations = [], serverName, conf, corsAllowedOrigins, port, daemonPort }) {
673
+ _addHttpServer({ locations = [], serverName, conf, corsAllowedOrigins, port, daemonPort, commonHeaders }) {
660
674
  const httpServerUnit = this._addHttpServerUnit({ conf, serverName, port });
661
675
  this._addDefaultLocations(httpServerUnit, daemonPort);
662
676
  // eslint-disable-next-line max-len
663
- locations.forEach((x) => this._addReverseProxy({ server: httpServerUnit, ...x, serverName, corsAllowedOrigins })); // prettier-ignore
677
+ locations.forEach((x) => this._addReverseProxy({ server: httpServerUnit, ...x, serverName, corsAllowedOrigins, commonHeaders })); // prettier-ignore
664
678
  }
665
679
 
666
- _addHttpsServer({ conf, locations, certificateFileName, serverName, corsAllowedOrigins, daemonPort }) {
680
+ _addHttpsServer({ conf, locations, certificateFileName, serverName, corsAllowedOrigins, daemonPort, commonHeaders }) {
667
681
  const httpsServerUnit = this._addHttpsServerUnit({ conf, serverName, certificateFileName });
668
682
 
669
683
  const httpServerUnit = this._addHttpServerUnit({ conf, serverName });
@@ -671,7 +685,7 @@ class NginxProvider extends BaseProvider {
671
685
 
672
686
  this._addDefaultLocations(httpsServerUnit, daemonPort);
673
687
  // eslint-disable-next-line max-len
674
- locations.forEach((x) => this._addReverseProxy({ server: httpsServerUnit, ...x, serverName, corsAllowedOrigins })); // prettier-ignore
688
+ locations.forEach((x) => this._addReverseProxy({ server: httpsServerUnit, ...x, serverName, corsAllowedOrigins,commonHeaders })); // prettier-ignore
675
689
  }
676
690
 
677
691
  _addHttpServerUnit({ conf, serverName, port }) {
@@ -758,6 +772,13 @@ class NginxProvider extends BaseProvider {
758
772
  });
759
773
  }
760
774
 
775
+ addGlobalReqLimit(block, limit) {
776
+ const key = limit.ipHeader ? `$http_${limit.ipHeader}` : '$binary_remote_addr';
777
+ block._add('limit_req_zone', `${key} zone=ip_limit:20m rate=${limit.rate || 5}r/s`);
778
+ block._add('limit_req', `zone=ip_limit burst=${limit.maxInstantRate || 30} delay=10`);
779
+ block._add('limit_req_status', 429);
780
+ }
781
+
761
782
  getLogFilesForToday() {
762
783
  return {
763
784
  access: this.accessLog,
package/lib/nginx/util.js CHANGED
@@ -12,7 +12,7 @@ const { MAX_UPLOAD_FILE_SIZE } = require('@abtnode/constant');
12
12
 
13
13
  const logger = require('@abtnode/logger')('router:nginx:util');
14
14
 
15
- const WORKER_CONNECTIONS = 1000 * 10; // 10K
15
+ const MAX_WORKER_CONNECTIONS = 10240;
16
16
  const CLIENT_MAX_BODY_SIZE = process.env.MAX_UPLOAD_FILE_SIZE || MAX_UPLOAD_FILE_SIZE;
17
17
 
18
18
  const formatError = (errStr) => {
@@ -130,6 +130,17 @@ const getUserGroup = (username) => {
130
130
  return res.stdout.trim();
131
131
  };
132
132
 
133
+ const getWorkerConnectionCount = (maxWorkerConnections, workerProcess) => {
134
+ const { stdout, code } = shelljs.exec('ulimit -n', { silent: true });
135
+ if (code !== 0) {
136
+ return maxWorkerConnections;
137
+ }
138
+
139
+ const ulimit = Number(stdout.trim());
140
+
141
+ return Math.min(maxWorkerConnections, Math.floor(ulimit / workerProcess));
142
+ };
143
+
133
144
  const getMainTemplate = ({
134
145
  logDir,
135
146
  tmpDir,
@@ -145,7 +156,7 @@ user ${os.userInfo().username} ${getUserGroup(os.userInfo().username)};
145
156
  pid nginx.pid;
146
157
 
147
158
  events {
148
- worker_connections ${WORKER_CONNECTIONS};
159
+ worker_connections ${getWorkerConnectionCount(MAX_WORKER_CONNECTIONS, workerProcess)};
149
160
  }
150
161
 
151
162
  http {
@@ -270,4 +281,5 @@ module.exports = {
270
281
  getNginxStatus,
271
282
  rotateNginxLogFile,
272
283
  getUserGroup,
284
+ getWorkerConnectionCount,
273
285
  };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@abtnode/router-provider",
3
- "version": "1.7.9",
3
+ "version": "1.7.12",
4
4
  "description": "Routing engine implementations for abt node",
5
5
  "author": "polunzh <polunzh@gmail.com>",
6
6
  "homepage": "https://github.com/ArcBlock/blocklet-server#readme",
@@ -32,10 +32,10 @@
32
32
  "url": "https://github.com/ArcBlock/blocklet-server/issues"
33
33
  },
34
34
  "dependencies": {
35
- "@abtnode/constant": "1.7.9",
36
- "@abtnode/logger": "1.7.9",
37
- "@abtnode/router-templates": "1.7.9",
38
- "@abtnode/util": "1.7.9",
35
+ "@abtnode/constant": "1.7.12",
36
+ "@abtnode/logger": "1.7.12",
37
+ "@abtnode/router-templates": "1.7.12",
38
+ "@abtnode/util": "1.7.12",
39
39
  "axios": "^0.26.1",
40
40
  "debug": "^4.3.3",
41
41
  "find-process": "^1.4.3",
@@ -62,5 +62,5 @@
62
62
  "fs-extra": "^10.0.1",
63
63
  "needle": "^3.0.0"
64
64
  },
65
- "gitHead": "285f4fedd41fcb8e1814ce5d8250ac10616e67e0"
65
+ "gitHead": "afc78b9cb92448676149262fb02432bc256a5524"
66
66
  }