planetary-social / nip05api

Server for nip 05
MIT License

[NIP05 BE] Rate limit API users of NIP05 service #8

Closed setch-l closed 8 months ago

setch-l commented 9 months ago

To prevent spamming or takedown of the system, set up a rate limit for the creation of new NIP05 user names via the API.

dcadenas commented 9 months ago

I think this could be implemented at the infra level in a more efficient way through https://doc.traefik.io/traefik/middlewares/http/ratelimit/ . @cooldracula WDYT?

cooldracula commented 8 months ago

I think it makes sense to do this via traefik, as that task is within the domain of the proxy. However, I think we generally want to be cautious with splitting up the logic too much between repositories, just to help the clarity of future us. Perhaps we can add a link in this repo's README to the ansible role so our redirect and rate limiting rules are more easily discoverable?

Do you have any preference for what the rate limit should be? I can add it as variables to our deployment and update the docker-compose file in that above role accordingly.

dcadenas commented 8 months ago

Not really sure about values, I'd start with some sensible default and adjust after getting some usage metrics. I added a new nip05 grafana dashboard where we could get some info from for this. Good idea about the README, I'll add that info.

cooldracula commented 8 months ago

I added the rate limit rules to our deployment, via work described in this PR: https://github.com/planetary-social/ansible-scripts/pull/82