Added some ratelimiting middleware

2025-07-17 14:33:27 +02:00 · 2023-02-25 12:14:50 +01:00
parent 9f3b6d0c17
commit a48050b234
8 changed files with 307 additions and 18 deletions
--- a/echoip_config.toml
+++ b/echoip_config.toml
@ -3,12 +3,15 @@
 listen_on = "127.0.0.1:3000"

 # What header your reverse proxy sets that contains the real ip-address
-# Possible Values: Every Variation of SecureClientIpSource in the axum_client_ip package
+# Possible Values: Every Variation of SecureClientIpSource in the axum_client_ip crate
 # https://docs.rs/axum-client-ip/latest/axum_client_ip/enum.SecureClientIpSource.html
+# Note: This one is also used for rate limiting
+# Related: https://adam-p.ca/blog/2022/03/x-forwarded-for/
 ip_header = "RightmostXForwardedFor"
 # When you don't want to use a proxy server:
 #ip_header = "ConnectInfo"

+
 # Allow querying of private range ips
 # enable if you want to use this service
 # on your internal network for some reason
@ -45,3 +48,17 @@ template_location = "templates"
 # Prefixes of user agents that should get a text reponse by default
 text_user_agents = ["curl/"]

+[ratelimit]
+# Configure a Quota for the Rate limiter
+
+# Please note that this depends on the ip_header being
+# configured correctly!
+
+# How many requests per minute are allowed
+# (How fast the leaky bucket drains)
+per_minute = 20
+# How many requests may come in at once
+# (How much capacity the leaky bucket has)
+burst = 15
+
+#Note: The ratelimit is implemented using the governor crate