diff options
| -rw-r--r-- | app.go | 16 | ||||
| -rw-r--r-- | internal/handlers/ratelimiter.go | 29 |
2 files changed, 31 insertions, 14 deletions
@@ -32,7 +32,6 @@ import ( "gitlab.com/gitlab-org/gitlab-pages/internal/httperrors" "gitlab.com/gitlab-org/gitlab-pages/internal/logging" "gitlab.com/gitlab-org/gitlab-pages/internal/netutil" - "gitlab.com/gitlab-org/gitlab-pages/internal/ratelimiter" "gitlab.com/gitlab-org/gitlab-pages/internal/rejectmethods" "gitlab.com/gitlab-org/gitlab-pages/internal/request" "gitlab.com/gitlab-org/gitlab-pages/internal/routing" @@ -237,6 +236,7 @@ func setRequestScheme(r *http.Request) *http.Request { return r } +// TODO: move the pipeline configuration to internal/pipeline https://gitlab.com/gitlab-org/gitlab-pages/-/issues/670 func (a *theApp) buildHandlerPipeline() (http.Handler, error) { // Handlers should be applied in a reverse order handler := a.serveFileOrNotFoundHandler() @@ -258,19 +258,7 @@ func (a *theApp) buildHandlerPipeline() (http.Handler, error) { handler = routing.NewMiddleware(handler, a.source) - if a.config.RateLimit.SourceIPLimitPerSecond > 0 { - rl := ratelimiter.New( - "source_ip", - ratelimiter.WithCacheMaxSize(ratelimiter.DefaultSourceIPCacheSize), - ratelimiter.WithCachedEntriesMetric(metrics.RateLimitSourceIPCachedEntries), - ratelimiter.WithCachedRequestsMetric(metrics.RateLimitSourceIPCacheRequests), - ratelimiter.WithBlockedCountMetric(metrics.RateLimitSourceIPBlockedCount), - ratelimiter.WithLimitPerSecond(a.config.RateLimit.SourceIPLimitPerSecond), - ratelimiter.WithBurstSize(a.config.RateLimit.SourceIPBurst), - ) - - handler = rl.Middleware(handler) - } + handler = handlers.Ratelimiter(handler, a.config) // Health Check handler, err = a.healthCheckMiddleware(handler) diff --git a/internal/handlers/ratelimiter.go b/internal/handlers/ratelimiter.go new file mode 100644 index 00000000..9c66c15d --- /dev/null +++ b/internal/handlers/ratelimiter.go @@ -0,0 +1,29 @@ +package handlers + +import ( + "net/http" + + "gitlab.com/gitlab-org/gitlab-pages/internal/config" + "gitlab.com/gitlab-org/gitlab-pages/internal/ratelimiter" + "gitlab.com/gitlab-org/gitlab-pages/metrics" +) + +// Ratelimiter configures the ratelimiter middleware +// TODO: make this unexported once https://gitlab.com/gitlab-org/gitlab-pages/-/issues/670 is done +func Ratelimiter(handler http.Handler, config *config.Config) http.Handler { + if config.RateLimit.SourceIPLimitPerSecond == 0 { + return handler + } + + rl := ratelimiter.New( + "source_ip", + ratelimiter.WithCacheMaxSize(ratelimiter.DefaultSourceIPCacheSize), + ratelimiter.WithCachedEntriesMetric(metrics.RateLimitSourceIPCachedEntries), + ratelimiter.WithCachedRequestsMetric(metrics.RateLimitSourceIPCacheRequests), + ratelimiter.WithBlockedCountMetric(metrics.RateLimitSourceIPBlockedCount), + ratelimiter.WithLimitPerSecond(config.RateLimit.SourceIPLimitPerSecond), + ratelimiter.WithBurstSize(config.RateLimit.SourceIPBurst), + ) + + return rl.Middleware(handler) +} |