From 0bc08bb005823273a4146767ec625c3a5a061467 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Fri, 23 Nov 2018 10:07:40 +0000
Subject: [PATCH] Update matrix connection rate limits

---
 src/freedombone-app-matrix | 19 ++++++++++++++++---
 src/freedombone-app-riot   |  3 ++-
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/src/freedombone-app-matrix b/src/freedombone-app-matrix
index 0ada91cdc..918b0316f 100755
--- a/src/freedombone-app-matrix
+++ b/src/freedombone-app-matrix
@@ -221,12 +221,15 @@ function matrix_nginx {
     nginx_limits ${MATRIX_DOMAIN_NAME} '15m'
     { echo "    proxy_pass http://localhost:${MATRIX_PORT};";
       echo '  }';
-      echo '}'; } >> $matrix_nginx_site
+      echo '}'; } >> "$matrix_nginx_site"
 
-    if [ ! -d /var/www/$MATRIX_DOMAIN_NAME ]; then
-        mkdir -p /var/www/$MATRIX_DOMAIN_NAME/htdocs
+    if [ ! -d "/var/www/$MATRIX_DOMAIN_NAME" ]; then
+        mkdir -p "/var/www/$MATRIX_DOMAIN_NAME/htdocs"
     fi
 
+    sed -i 's|limit_conn conn_limit_per_ip.*|limit_conn conn_limit_per_ip 50;|g' "$matrix_nginx_site"
+    sed -i 's|limit_req zone.*|limit_req zone=req_limit_per_ip burst=50 nodelay;|g' "$matrix_nginx_site"
+
     function_check add_ddns_domain
     add_ddns_domain $MATRIX_DOMAIN_NAME
 }
@@ -412,6 +415,16 @@ function upgrade_matrix {
        return
     fi
 
+    # update connection rate limits
+    read_config_param MATRIX_DOMAIN_NAME
+    matrix_nginx_site=/etc/nginx/sites-available/$MATRIX_DOMAIN_NAME
+    if ! grep -q 'req_limit_per_ip burst=50 ' "$matrix_nginx_site"; then
+        sed -i 's|limit_req zone.*|limit_req zone=req_limit_per_ip burst=50 nodelay;|g' "$matrix_nginx_site"
+    fi
+    if ! grep -q 'conn_limit_per_ip 50;' "$matrix_nginx_site"; then
+        sed -i 's|limit_conn conn_limit_per_ip.*|limit_conn conn_limit_per_ip 50;|g' "$matrix_nginx_site"
+    fi
+
     matrix_expire_old_posts
 
     CURR_MATRIX_COMMIT=$(get_completion_param "matrix commit")
diff --git a/src/freedombone-app-riot b/src/freedombone-app-riot
index 411584cf8..075cad1fa 100755
--- a/src/freedombone-app-riot
+++ b/src/freedombone-app-riot
@@ -168,9 +168,10 @@ function upgrade_riot {
         return
     fi
 
+    # update connection rate limits
     read_config_param RIOT_DOMAIN_NAME
     riot_nginx_site=/etc/nginx/sites-available/$RIOT_DOMAIN_NAME
-    if ! grep -q 'req_limit_per_ip burst=50' "$riot_nginx_site"; then
+    if ! grep -q 'req_limit_per_ip burst=50 ' "$riot_nginx_site"; then
         sed -i 's|limit_req zone.*|limit_req zone=req_limit_per_ip burst=50 nodelay;|g' "$riot_nginx_site"
     fi
 
-- 
GitLab