Authored by jie

去掉nginx的默认值&增加清空恶意IP&增加查询所有恶意IP接口

@@ -192,6 +192,9 @@ local subscribe_mal_ips=function() @@ -192,6 +192,9 @@ local subscribe_mal_ips=function()
192 cache:delete("yh:mip:" .. ip) 192 cache:delete("yh:mip:" .. ip)
193 ngx.log(ngx.INFO,"nginx subscribe del mal ip:" .. tostring(ip) .. ":" .. tostring(expire)) 193 ngx.log(ngx.INFO,"nginx subscribe del mal ip:" .. tostring(ip) .. ":" .. tostring(expire))
194 end 194 end
  195 + elseif t.type == "flush" then
  196 + cache:flush_all()
  197 + ngx.log(ngx.INFO,"nginx subscribe flush all mal ip")
195 end 198 end
196 199
197 end 200 end
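Review bot: The new `flush` branch logs a full blocklist wipe at `ngx.INFO`, which an `error_log` set to `warn` or higher never records, so a flush leaves no trace on the node that dropped its entries. I would raise it to `ngx.log(ngx.WARN,"nginx subscribe flush all mal ip")`. `cache:flush_all()` also expires every key in the shared dict, not only the `yh:mip:` ones, so anything else stored in `cache` (not visible here) is lost as well. The branch acts on any message of type `flush` arriving on the channel, which means write access to that Redis instance is what protects the blocklist. `subscribe_mal_ips` starts above the hunk.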
@@ -25,242 +25,3 @@ lua_context.lua_conf_cache=ngx.shared.ngxconf @@ -25,242 +25,3 @@ lua_context.lua_conf_cache=ngx.shared.ngxconf
25 25
26 lua_context.configs={} 26 lua_context.configs={}
27 27
28 --- api limit rate default conf  
29 -local api_rate_limit_conf={is_open=true,  
30 - api_rate_limit={  
31 - ["app.yohocoin.total"]={100},  
32 - ["app.yohocoin.subtract"]={100},  
33 - ["app.yohocoin.add"]={100},  
34 - ["app.yohocoin.lists"]={100},  
35 - ["resources.simple.pice"]={600},  
36 - ["app.product.data"]={600},  
37 - ["app.product.promotion"]={600},  
38 - ["app.coupons.queryProdPageCoupons"]={600},  
39 - ["h5.product.intro"]={600},  
40 - ["web.brand.banner"]={600},  
41 - ["app.product.queryShopsInfoById"]={600},  
42 - ["app.product.queryBuyLimit"]={600},  
43 - ["app.product.intro"]={600},  
44 - ["app.product.preference"]={160},  
45 - ["app.product.shopPreference"]={120},  
46 - ["app.product.supportService"]={600},  
47 - ["app.consult.common"]={600},  
48 - ["app.shop.queryShopsByBrandId"]={600},  
49 - ["shop.coupons.list"]={600},  
50 - ["show.recentShareOrderByProductId"]={600},  
51 - ["app.consult.lastTwo"]={600},  
52 - ["app.shopsdecorator.getList"]={600},  
53 - ["app.shops.getIntro"]={600},  
54 - ["app.shop.banner"]={600},  
55 - ["web.productBanner.data"]={600},  
56 - ["web.productModelcard.list"]={600},  
57 - ["web.productComfort.data"]={600},  
58 - ["web.productModelTry.data"]={600},  
59 - ["app.passport.profile"]={400},  
60 - ["app.activity.getlist"]={400},  
61 - ["app.home.getInfoNum"]={100},  
62 - ["app.invitecode.my"]={400},  
63 -  
64 - ["app.promotion.getCoupon"]={40,9999992,"人太多啦,稍后再试!"},  
65 - ["app.coupons.couponSend"]={40,9999992,"人太多啦,稍后再试!"},  
66 - ["app.coupons.sendCouponByConfig"]={40,9999992,"人太多啦,稍后再试!"},  
67 - ["app.promotion.getACoupon"]={40,9999992,"人太多啦,稍后再试!"},  
68 - ["app.coupons.couponsSend"]={40,9999992,"人太多啦,稍后再试!"},  
69 -  
70 -  
71 - ["app.promotion.queryCouponCenter"]={160,9999992,"人太多啦,稍后再试!"},  
72 - ["app.search.li"]={200},  
73 - ["app.search.sales"]={160},  
74 - ["app.search.word"]={400},  
75 -  
76 -  
77 - ["app.limitProduct.hotLimitProduct"]={400},  
78 - ["app.limitProduct.soonToSaleLimitProduct"]={400},  
79 - ["app.limitProduct.alreadySaleLimitProduct"]={400},  
80 - ["app.limitProduct.limitProductHtml"]={400},  
81 - ["app.limitProduct.limitProductDetail"]={400},  
82 - ["app.limitProduct.productStatus"]={400},  
83 -  
84 - ["app.Shopping.count"]={400},  
85 - ["app.home.newPreference"]={200},  
86 - ["app.Shopping.easyPayment"]={40,9999992,"人太多啦,稍后再试!"},  
87 - ["app.Shopping.easyCompute"]={40,9999992,"人太多啦,稍后再试!"},  
88 - ["app.Shopping.easySubmit"]={40,9999992,"人太多啦,稍后再试!"},  
89 - ["app.inbox.getTotal"]={80},  
90 - ["web.regular.groupsort"]={600},  
91 - ["web.search.search"]={500},  
92 - ["web.search.shopListInfo"]={600},  
93 - ["web.brand.byDomain"]={600},  
94 - ["web.search.newshelve"]={1000},  
95 - ["web.search.newShelveBatch"]={600},  
96 - ["web.regular.groupsort.sale"]={600},  
97 -  
98 -  
99 - ["app.Seckill.payment"]={60,9999992,"活动太火爆了,商品已被秒完!"},  
100 - ["app.Seckill.compute"]={60,9999992,"活动太火爆了,商品已被秒完!"},  
101 - ["app.Seckill.submit"]={40,9999992,"活动太火爆了,商品已被秒完!"},  
102 - ["app.Seckill.countUsableCoupon"]={100},  
103 - ["app.seckill.queryActivity"]={300,9999992,"人太多啦,稍后再试!"},  
104 - ["app.seckill.queryProductList"]={300,9999992,"人太多啦,稍后再试!"},  
105 - ["app.seckill.data"]={300,9999992,"人太多啦,稍后再试!"},  
106 - ["app.shopping.submitTicket"]={80,9999992,"人太多啦,稍后再试!"},  
107 - ["app.shopping.ticket"]={80,9999992,"人太多啦,稍后再试!"},  
108 -  
109 -  
110 - ["app.Shopping.submit"]={100,9999992,"人太多啦,稍后再试!"},  
111 - ["app.Shopping.compute"]={120,9999992,"人太多啦,稍后再试!"},  
112 - ["app.Shopping.payment"]={120,9999992,"人太多啦,稍后再试!"},  
113 - ["app.Shopping.enhancedPayment"]={120,9999992,"人太多啦,稍后再试!"},  
114 - ["app.Shopping.selectCoupon"]={120,9999992,"人太多啦,稍后再试!"},  
115 - ["app.Shopping.useCoupon"]={120,9999992,"人太多啦,稍后再试!"},  
116 - ["app.Shopping.countUsableCoupon"]={200},  
117 - ["app.Shopping.countUsableGiftCard"]={200},  
118 -  
119 - ["app.product.seckill.data"]={240,9999992,"人太多啦,稍后再试!"},  
120 - ["app.product.seckill.promotion"]={240},  
121 - ["app.product.seckill.intro"]={240},  
122 - ["app.consult.seckill.common"]={240},  
123 - ["app.shop.seckill.queryShopsByBrandId"]={240},  
124 - ["app.consult.seckill.lastTwo"]={240},  
125 - ["show.seckill.recentShareOrderByProductId"]={240},  
126 -  
127 - ["app.depositAdvance.data"]={400},  
128 - ["app.limitTimeAdvance.data"]={400},  
129 - ["app.product.shopRecommend"]={160},  
130 - ["app.product.sizehelper.show"]={600},  
131 - ["app.product.sizehelper.detail"]={600},  
132 -  
133 - ["app.show.instalment"]={600},  
134 - ["clear.productCache"]={2000},  
135 - ["app.helper.getServiceOnline"]={600},  
136 - ["app.Shopping.queryCart"]={300},  
137 - ["app.Shopping.queryCartCouponCenter"]={300},  
138 - ["app.Shopping.selectedAndQryCart"]={300,9999992,"人太多啦,稍后再试!"},  
139 - ["app.Shopping.add"]={100,9999992,"人太多啦,稍后再试!"},  
140 -  
141 -  
142 -  
143 - ["web.product.shopRecommend"]={40},  
144 - ["app.coupons.queryUserCouponRemind"]={100},  
145 - ["app.search.findLike"]={40},  
146 - ["web.search.findLike"]={40},  
147 - ["web.search.forseo"]={40},  
148 - ["app.inbox.getAllInboxCatInfo"]={40},  
149 - ["app.inbox.getlistnew"]={40},  
150 - ["app.favorite.product"]={40},  
151 - ["web.favorite.product"]={40},  
152 - ["app.favorite.brand"]={40},  
153 - ["app.coupons.total"]={80},  
154 - ["app.promotion.couponStatus"]={80},  
155 - ["app.activity.friendhelp"]={60,9999992,"人太多啦,稍后再试!"},  
156 -  
157 -  
158 - ["user.instalment.activate"]={40},  
159 - ["user.instalment.getStatus"]={200},  
160 - ["user.instalment.getBankCards"]={10},  
161 - ["user.instalment.queryCreditLimit"]={10,9999992,"人太多啦,稍后再试!"},  
162 - ["user.instalment.getSnsCheckCode"]={10},  
163 - ["user.instalment.getBankInfoByCardNo"]={10},  
164 - ["user.instalment.getCardInfoById"]={10},  
165 - ["app.search.instalment"]={20},  
166 - ["app.promotion.instalment"]={50},  
167 - ["app.order.queryAmtInfo"]={10,9999992,"人太多啦,稍后再试!"},  
168 - ["app.order.queryAmtList"]={10,9999992,"人太多啦,稍后再试!"},  
169 - ["app.order.queryRePayList"]={10,9999992,"人太多啦,稍后再试!"},  
170 - ["app.instalment.condition"]={10,9999992,"人太多啦,稍后再试!"},  
171 - ["app.instalment.pay"]={10,9999992,"人太多啦,稍后再试!"},  
172 - ["app.instalment.prerepay"]={10,9999992,"人太多啦,稍后再试!"},  
173 - ["app.instalment.confirmrepay"]={10,9999992,"人太多啦,稍后再试!"},  
174 - ["app.Buynow.payment"]={10,9999992,"人太多啦,稍后再试!"},  
175 - ["app.Buynow.countUsableCoupon"]={20},  
176 - ["app.Buynow.enhancedPayment"]={20,9999992,"人太多啦,稍后再试!"},  
177 - ["app.Buynow.selectCoupon"]={20},  
178 - ["app.Buynow.listCoupon"]={20},  
179 - ["app.Buynow.compute"]={20,9999992,"人太多啦,稍后再试!"},  
180 - ["app.Buynow.submit"]={10,9999992,"人太多啦,稍后再试!"},  
181 - ["app.Buynow.useCoupon"]={10},  
182 - ["app.Buynow.usePromotionCode"]={10},  
183 - ["app.SpaceOrders.getInstallment"]={10},  
184 - ["app.SpaceOrders.installDetail"]={10},  
185 - ["user.instalment.validateSnsCheckCode"]={10},  
186 - ["user.instalment.reSendSms4FcpService"]={10},  
187 - ["user.instalment.bindingCards"]={5},  
188 - ["app.search.promotion"]={80},  
189 - ["app.search.newPromotion"]={120},  
190 - ["app.search.zq.filter"]={40},  
191 - ["app.search.promotion.filter"]={40},  
192 - ["app.search.coupon.filter"]={40},  
193 - ["app.search.fuzzy.filter"]={40},  
194 - ["app.search.category.filter"]={40},  
195 - ["app.search.filter"]={40},  
196 - ["app.search.breakSize.filter"]={40},  
197 - ["app.search.pool.filter"]={40},  
198 - ["app.search.shop.filter"]={40},  
199 - ["app.search.good"]={40},  
200 - ["app.search.fuzzy"]={120},  
201 - ["app.search.category.productList"]={120},  
202 - ["app.search.productList"]={120},  
203 - ["app.search.recomandLi"]={60},  
204 - ["app.search.shop.productList"]={120},  
205 - ["app.search.promotion.productList"]={80},  
206 - ["app.search.zq.productList"]={80},  
207 - ["app.search.pool.productList"]={80},  
208 - ["app.search.newProduct.shop"]={80},  
209 - ["app.search.coupon.productList"]={80},  
210 - ["app.search.newLast7day"]={120},  
211 - ["app.resources.holidayGifConfig"]={400},  
212 - ["app.passport.verify"]={80},  
213 - ["clear.productCache.batch"]={200},  
214 -  
215 -  
216 -  
217 - ["/operations/api/v5/resource/get"]={800},  
218 - ["/operations/api/v5/resource/home"]={400,9999992},  
219 - ["/operations/api/v5/webshare/getShare"]={400},  
220 - ["/operations/api/v5/entrance/getEntrance"]={400},  
221 - ["/operations/api/v6/category/getCategory"]={400},  
222 - ["/operations/api/v4/icon/getIcon"]={400},  
223 - ["/guang/api/v1/article/getArticleNotice"]={100},  
224 -  
225 - ["/payment/alipay_data"]={200},  
226 - ["/payment/applepay_data"]={200},  
227 - ["/payment/weixin_data"]={200},  
228 - ["/payment/alipay_notify"]={200},  
229 - ["/payment/weixin_notify"]={200},  
230 - ["/payment/applepay_notify"]={200},  
231 - ["/erp/sync/promotion/update"]={600},  
232 - ["/erp/clear/batch/productPriceCache"]={800}  
233 - }  
234 -}  
235 -  
236 --- limit ip access conf  
237 -local limit_ip_access={  
238 - is_open=true, white_ips={  
239 - "172.31.0.0/16",  
240 - "10.66.0.0/16",  
241 - "54.222.0.0/16",  
242 - "118.89.221.106/32",  
243 - "123.206.21.19/32",  
244 - "123.206.73.107/32",  
245 - "54.223.0.0/16"  
246 - },  
247 - ip_qps_limit={60,1},  
248 - interface_ip_qps_limit={  
249 - ["app.bind.sendThirdBindMobileCodeOnly"]={15,2},  
250 - ["app.bind.sendThirdBindMobileCodeOnlyImg"]={15,2},  
251 - ["app.bind.sendChangeBindMobileCodeOnlyImg"]={15,2},  
252 - ["/smart/way"]={20,3}  
253 - }  
254 -}  
255 -  
256 -  
257 -local common_conf={  
258 - -- this variable control limit ip & limit rate flow execute  
259 - -- true: open ,false: close  
260 - lua_golbal_switch = true  
261 -}  
262 -  
263 -  
264 -lua_context.configs["common_conf"]=common_conf  
265 -lua_context.configs["limit_ip_access"]=limit_ip_access  
@@ -49,11 +49,17 @@ end @@ -49,11 +49,17 @@ end
49 49
50 function rate_limit() 50 function rate_limit()
51 local common_config=lua_context.configs["common_conf"] 51 local common_config=lua_context.configs["common_conf"]
  52 + local limit_config=lua_context.configs["api_rate_limit_conf"]
  53 +
  54 + if (not common_config) or (not limit_config) then
  55 + return
  56 + end
  57 +
52 if not common_config.lua_golbal_switch then 58 if not common_config.lua_golbal_switch then
53 return 59 return
54 end 60 end
55 61
56 - local limit_config=lua_context.configs["api_rate_limit_conf"] 62 +
57 local api_rate_limit=limit_config.api_rate_limit 63 local api_rate_limit=limit_config.api_rate_limit
58 local req_uri_method = extract_limit_method() 64 local req_uri_method = extract_limit_method()
59 --ngx.log(ngx.INFO,"=================>>" .. cjson.encode(api_rate_limit[req_uri_method])) 65 --ngx.log(ngx.INFO,"=================>>" .. cjson.encode(api_rate_limit[req_uri_method]))
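Review bot: The guard added at the top of `rate_limit()` returns silently when `common_conf` or `api_rate_limit_conf` is missing, and since this commit also removes the built-in defaults, rate limiting is simply off (fail-open) whenever the configuration has not been loaded, with nothing in the log to show it. Log the skip before returning, for example `ngx.log(ngx.WARN,"rate_limit skipped: config not loaded")`, so a failed or late config load can be detected. The same silent return is added to `M:limit_ip_access()`, where it also bypasses the per-IP QPS limit and needs the same log line. `rate_limit()` continues below the hunk.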
@@ -43,6 +43,9 @@ end @@ -43,6 +43,9 @@ end
43 function M:limit_ip_access() 43 function M:limit_ip_access()
44 local limit_ip_config=lua_context.configs["limit_ip_access"] 44 local limit_ip_config=lua_context.configs["limit_ip_access"]
45 local common_config=lua_context.configs["common_conf"] 45 local common_config=lua_context.configs["common_conf"]
  46 + if (not common_config) or (not limit_ip_config) then
  47 + return
  48 + end
46 -- global switch control 49 -- global switch control
47 if not common_config.lua_golbal_switch then 50 if not common_config.lua_golbal_switch then
48 return 51 return
@@ -130,7 +133,7 @@ function M:mal_ip() @@ -130,7 +133,7 @@ function M:mal_ip()
130 local ips=self:get_req_param("ips") 133 local ips=self:get_req_param("ips")
131 local expire=self:get_req_param("expire") 134 local expire=self:get_req_param("expire")
132 ngx.header["Content-type"]="application/json;charset=utf-8" 135 ngx.header["Content-type"]="application/json;charset=utf-8"
133 - if not method or not ips then 136 + if not method then
134 ngx.say('{"code": 400, "msg": "params error!"}') 137 ngx.say('{"code": 400, "msg": "params error!"}')
135 ngx.exit(ngx.HTTP_OK) 138 ngx.exit(ngx.HTTP_OK)
136 end 139 end
@@ -146,6 +149,15 @@ function M:mal_ip() @@ -146,6 +149,15 @@ function M:mal_ip()
146 t.ips=ips 149 t.ips=ips
147 t.type="del" 150 t.type="del"
148 redis_limit_ip:cmd("publish","mal_ips",cjson.encode(t)) 151 redis_limit_ip:cmd("publish","mal_ips",cjson.encode(t))
  152 + elseif method == 'flushAll' then
  153 + local t={}
  154 + t.type="flush"
  155 + redis_limit_ip:cmd("publish","mal_ips",cjson.encode(t))
  156 + elseif method == 'queryAll' then
  157 + local all_ips=cache:get_keys(0)
  158 + for i,v in pairs(all_ips) do
  159 + exists[#exists+1]=string.sub(v,8,string.len(v))
  160 + end
149 else 161 else
150 for ip in string.gmatch(ips,"[^',']+") do 162 for ip in string.gmatch(ips,"[^',']+") do
151 if method == 'add' then 163 if method == 'add' then
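Review bot: Relaxing the guard in `M:mal_ip()` to `if not method then` drops the `ips` check for every method, not only the two new ones, so a request without `ips` that reaches the final `else` branch (for example `add`) passes nil to `string.gmatch(ips,...)` and raises a Lua error instead of returning the 400 body. Keep the check for the methods that need it: `if not method or (not ips and method ~= 'flushAll' and method ~= 'queryAll') then`. In the `queryAll` branch, `cache:get_keys(0)` returns every key and holds the dictionary lock while it does, which can stall workers checking the blocklist when the dict is large; a bounded count would be safer, and `string.sub(v,8,...)` should only be applied to keys that start with `yh:mip:`. `M:mal_ip()` starts and ends outside the hunks shown.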