From 195f6e8fb9bfd6c4d2c24c3334b632f89693cfd5 Mon Sep 17 00:00:00 2001 From: Annika Wickert Date: Thu, 14 Mar 2024 11:58:30 +0100 Subject: [PATCH] Update doh.ffmuc.net.conf --- nginx/domains/doh.ffmuc.net.conf | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/nginx/domains/doh.ffmuc.net.conf b/nginx/domains/doh.ffmuc.net.conf index 59262bf..2fc7c3f 100644 --- a/nginx/domains/doh.ffmuc.net.conf +++ b/nginx/domains/doh.ffmuc.net.conf @@ -7,21 +7,16 @@ geo $doh_backend { default doh-backend-v6; } -# geo $doh_blocked { -# default 0; -# #95.85.96.0/19 1; -# } - upstream doh-backend-v4 { - keepalive 16; + keepalive 32; server 127.0.0.1:445; } upstream doh-backend-v6 { - keepalive 16; + keepalive 32; server [::1]:445; } -limit_req_zone $binary_remote_addr zone=doh_requests:10m rate=5000r/s; +limit_req_zone $binary_remote_addr zone=doh_requests:10m rate=20000r/s; server { listen [::]:80; listen 80; @@ -56,10 +51,6 @@ server { } location /dns-query { - # if ( $doh_blocked = 0 ) { - # return 403; - # access_log off; - # } limit_req zone=doh_requests burst=10000; proxy_set_header Host $http_host; #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -73,7 +64,6 @@ server { add_header 'Access-Control-Allow-Methods' 'GET, POST' always; add_header 'Access-Control-Allow-Headers' '*' always; - # proxy_set_header Connection ""; } location / { if ( $request_method = GET ) { @@ -85,9 +75,8 @@ server { if ( $rew = "11" ) { return 301 $wiki_page; } - limit_req zone=doh_requests burst=6000; + limit_req zone=doh_requests burst=10000; proxy_set_header Host $http_host; - #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect off; proxy_buffering off; #proxy_pass https://doh.ffmuc.net:445/dns-query;