From 696a0a1766d83b22df9b44d518ac0586bdccd509 Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Wed, 6 Nov 2019 21:55:41 +0100 Subject: [PATCH] add variables for login ratelimits --- defaults/main.yml | 19 +++++++++++++++++++ templates/opt/matrix/config/homeserver.yml.j2 | 8 ++++---- 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index d5c0f18..e8b2e01 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -111,6 +111,25 @@ matrix_url_preview_enabled: False # - netloc: '^([A-f0-9:]+:+)+[A-f0-9]+$' matrix_url_preview_max_spider_size: 10M +# @var matrix_rc_login_address:description: > +# Ratelimiting settings for login requests based on the client's IP address. +# @end +# @var matrix_rc_login_address: > +# matrix_rc_login_address: +# per_second: 0.17 +# burst_count: 3 +# @var + +# @var matrix_rc_login_account:description: > +# Ratelimiting settings for login requests based on the account the +# client is attempting to log into. +# @end +# @var matrix_rc_login_account: > +# matrix_rc_login_account: +# per_second: 0.17 +# burst_count: 3 +# @var + matrix_macaroon_secret_key: "jr;vhMlW=+U8pwBhVE^=6.,M94Gcyg_07Z-nNAsgj4ZZ:ew:HV" matrix_form_secret: "oFP3m&,r^wJ=Tr#=Ruww5+h0e;-DZqcuVGXV4XgRZIAt~Gv2YF" diff --git a/templates/opt/matrix/config/homeserver.yml.j2 b/templates/opt/matrix/config/homeserver.yml.j2 index 8ba7323..20b6007 100644 --- a/templates/opt/matrix/config/homeserver.yml.j2 +++ b/templates/opt/matrix/config/homeserver.yml.j2 @@ -207,11 +207,11 @@ rc_registration: rc_login: address: - per_second: 0.17 - burst_count: 3 + per_second: {{ matrix_rc_login_address.per_second | default(0.17) }} + burst_count: {{ matrix_rc_login_address.burst_count | default(3) }} account: - per_second: 0.17 - burst_count: 3 + per_second: {{ matrix_rc_login_account.per_second | default(0.17) }} + burst_count: {{ matrix_rc_login_account.burst_count | default(3) }} failed_attempts: per_second: 0.17 burst_count: 3