]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/nominatim/recipes/default.rb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
nominatim: add fail2ban filter for rate limited IP
[chef.git] / cookbooks / nominatim / recipes / default.rb
diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb
index 04cedf1fea5dbd344b2bd3ca2f15cc6ff2d00a06..d898911370d818bad0514a8ad6245bd2df17b283 100644 (file)
--- a/cookbooks/nominatim/recipes/default.rb
+++ b/cookbooks/nominatim/recipes/default.rb
@@ -401,3 +401,12 @@ directory "#{basedir}/status" do
   group "postgres"
   mode 0o775
 end
+
+include_recipe "fail2ban"
+
+fail2ban_jail "nominatim_limit_req" do
+  filter "nginx-limit-req"
+  logpath "#{node[:nominatim][:logdir]}/nominatim.openstreetmap.org-error.log"
+  ports [80, 443]
+  maxretry 5
+end
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.