Rack::Attack requires Rails.cache to work

* Adding dependency on `dalli` gem * Configuring `cache_store` to `dalli` * Adding `memcache` option for configuration
gwdg · Aug 22, 2017 · 71943be · 71943be
1 parent c6679aa
commit 71943be
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 2 deletions.
diff --git a/Gemfile b/Gemfile
@@ -11,6 +11,7 @@ gem 'rack-attack', '~> 5.0'
 gem 'rack-cors', '~> 1.0'
 gem 'rails', '~> 5.1'
 gem 'responders', '~> 2.4'
+gem 'dalli', '~> 2.7'
 
 gem 'occi-core', '= 5.0.0.beta.18', require: 'occi/infrastructure-ext' # '~> 5.0.0'
 

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -47,6 +47,7 @@ GEM
     code_analyzer (0.4.8)
       sexp_processor
     concurrent-ruby (1.0.5)
+    dalli (2.7.6)
     erubi (1.6.1)
     erubis (2.7.0)
     ffi (1.9.18)
@@ -181,6 +182,7 @@ PLATFORMS
 
 DEPENDENCIES
   byebug
+  dalli (~> 2.7)
   listen (>= 3.0.5, < 3.2)
   logstasher (~> 1.2)
   occi-core (= 5.0.0.beta.18)

diff --git a/config/environments/development.rb b/config/environments/development.rb
@@ -50,6 +50,10 @@
   #
   config.active_job.queue_adapter = ActiveJob::QueueAdapters::AsyncAdapter.new(min_threads: 1, max_threads: 1)
 
+  #
+  config.cache_store = :dalli_store, ENV["MEMCACHE_SERVERS"] || config.rocci_server['memcache'],
+    { :namespace => 'rOCCI-server.development', :expires_in => 1.minute, :compress => true }
+
   # Raises error for missing translations
   # config.action_view.raise_on_missing_translations = true
 

diff --git a/config/environments/production.rb b/config/environments/production.rb
@@ -63,6 +63,10 @@
     max_threads: 2 * Concurrent.processor_count,
     idletime: 600.seconds
 
+  #
+  config.cache_store = :dalli_store, ENV["MEMCACHE_SERVERS"] || config.rocci_server['memcache'],
+    { :namespace => 'rOCCI-server.production', :expires_in => 1.day, :compress => true }
+
   # Ignore bad email addresses and do not raise email delivery errors.
   # Set this to true and configure the email server for immediate delivery to raise delivery errors.
   # config.action_mailer.raise_delivery_errors = false

diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
@@ -1,10 +1,10 @@
 # Rack attack protection
 module Rack
   class Attack
-    throttle('req/ip', limit: 120, period: 1.minute, &:ip)
+    throttle('req/ip', limit: 360, period: 1.minute, &:ip)
 
     blocklist('auth-less annoyances') do |req|
-      Allow2Ban.filter(req.ip, maxretry: 10, findtime: 1.minute, bantime: 24.hours) do
+      Allow2Ban.filter(req.ip, maxretry: 120, findtime: 1.minute, bantime: 24.hours) do
         req.env[Tokenator::TOKEN_HEADER_KEY].blank?
       end
     end

diff --git a/config/rocci_server.yml b/config/rocci_server.yml
@@ -3,6 +3,7 @@ defaults: &defaults
   hostname: localhost
   port: 3000
   keystone_uri: https://localhost:5000/
+  memcache: localhost:11211
   backend: dummy
   dummy:
     no_options: true