Skip to content
This repository has been archived by the owner on Jul 11, 2020. It is now read-only.

Commit

Permalink
refactor LB nginx config
Browse files Browse the repository at this point in the history
@dwradcliffe
dwradcliffe committed Jul 30, 2015
1 parent 21293b9 commit 0df840d
Showing 7 changed files with 49 additions and 322 deletions.
2 changes: 1 addition & 1 deletion Berksfile.lock
View file
Original file line number Diff line number Diff line change
@@ -244,7 +244,7 @@ GRAPH
rubygems-backups (0.0.24)
chef-vault (>= 0.0.0)
rubygems-ruby (>= 0.0.0)
rubygems-balancer (0.0.64)
rubygems-balancer (0.0.67)
chef-vault (>= 0.0.0)
datadog (>= 0.0.0)
logrotate (>= 0.0.0)
256 changes: 0 additions & 256 deletions cookbooks/rubygems-balancer/files/default/geoip_continent.conf
View file

This file was deleted.

2 changes: 1 addition & 1 deletion cookbooks/rubygems-balancer/metadata.rb
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name 'rubygems-balancer'

version '0.0.64'
version '0.0.67'

depends 'chef-vault'
depends 'datadog'
16 changes: 4 additions & 12 deletions cookbooks/rubygems-balancer/recipes/geoip.rb
View file
Original file line number Diff line number Diff line change
@@ -3,18 +3,10 @@
# Recipe:: geoip
#

template "#{node['nginx']['dir']}/conf.d/geoip.conf" do
source 'nginx-geoip.conf.erb'
owner 'root'
group 'root'
mode '0644'
notifies :restart, 'service[nginx]', :immediately
file "#{node['nginx']['dir']}/conf.d/geoip.conf" do
action :delete
end

cookbook_file "#{node['nginx']['dir']}/conf.d/geoip_continent.conf" do
source 'geoip_continent.conf'
owner 'root'
group 'root'
mode '0644'
notifies :restart, 'service[nginx]', :immediately
file "#{node['nginx']['dir']}/conf.d/geoip_continent.conf" do
action :delete
end
6 changes: 5 additions & 1 deletion cookbooks/rubygems-balancer/recipes/site.rb
View file
Original file line number Diff line number Diff line change
@@ -18,6 +18,8 @@
mode '0644'
end

fastly_domain = node.chef_environment == 'production' ? 'rubygems' : 'rubygems-staging'

template "#{node['nginx']['dir']}/sites-available/rubygems" do
source 'site.conf.erb'
owner 'root'
@@ -27,7 +29,9 @@
app_servers: search(:node, "roles:app AND chef_environment:#{node.chef_environment} AND in_rotation:true").sort,
server_names: ['rubygems.org', 'www.rubygems.org'],
ssl_key: File.join(node['nginx']['dir'], 'certs', 'rubygems.org.key'),
ssl_cert: File.join(node['nginx']['dir'], 'certs', 'rubygems.org.crt')
ssl_cert: File.join(node['nginx']['dir'], 'certs', 'rubygems.org.crt'),
gem_mirror_ssl: "https://#{fastly_domain}.global.ssl.fastly.net",
gem_mirror: "http://#{fastly_domain}.global.ssl.fastly.net"
)
notifies :reload, 'service[nginx]'
end
21 changes: 0 additions & 21 deletions cookbooks/rubygems-balancer/templates/default/nginx-geoip.conf.erb
View file

This file was deleted.

68 changes: 38 additions & 30 deletions cookbooks/rubygems-balancer/templates/default/site.conf.erb
View file
Original file line number Diff line number Diff line change
@@ -4,6 +4,14 @@ upstream app_servers {
<% end %>
}

map $remote_addr $abuser {
default "";
95.182.202.145 1;
87.194.147.142 1;
}

limit_req_zone $binary_remote_addr zone=abusers:10m rate=10r/m;

# HTTP
server {
listen 80 default;
@@ -40,7 +48,7 @@ server {
location ~ /gems/(.*)\.gem$ {
set $gem $1;
post_action /__log;
rewrite ^ $gem_mirror$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location ~ /downloads/(.*)\.gem {
@@ -54,7 +62,7 @@ server {
}

location /quick/Marshal.4.8/ {
rewrite ^ $gem_mirror$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /specs.4.8.gz {
@@ -72,55 +80,55 @@ server {
# Crufty old redirects

location = /specs.4.8 {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /latest_specs.4.8 {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /prerelease_specs.4.8 {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /quick/rubygems-update-1.3.6.gemspec.rz {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /yaml.Z {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /yaml.z {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /yaml {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /Marshal.4.8.Z {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /Marshal.4.8 {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /quick/index.rz {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /quick/index {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /quick/latest_index.rz {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location = /quick/latest_index {
rewrite ^ http://<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror %>$request_uri redirect;
}

location /stylesheets/ {
@@ -196,7 +204,7 @@ server {
location ~ /gems/(.*)\.gem$ {
set $gem $1;
post_action /__log;
rewrite ^ $gem_mirror_ssl$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location ~ /downloads/(.*)\.gem {
@@ -210,7 +218,7 @@ server {
}

location /quick/Marshal.4.8/ {
rewrite ^ $gem_mirror_ssl$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /specs.4.8.gz {
@@ -228,55 +236,55 @@ server {
# Crufty old redirects

location = /specs.4.8 {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /latest_specs.4.8 {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /prerelease_specs.4.8 {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /quick/rubygems-update-1.3.6.gemspec.rz {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /yaml.Z {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /yaml.z {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /yaml {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /Marshal.4.8.Z {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /Marshal.4.8 {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /quick/index.rz {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /quick/index {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /quick/latest_index.rz {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

location = /quick/latest_index {
rewrite ^ https://s3.amazonaws.com/<%= node.chef_environment %>.s3.rubygems.org$request_uri redirect;
rewrite ^ <%= @gem_mirror_ssl %>$request_uri redirect;
}

##### END legacy rules

0 comments on commit 0df840d

Please sign in to comment.