Initial release
This commit is contained in:
Frans Veldman
parent
58aacd071a
commit
75f529b346
5 changed files with 535 additions and 1 deletions
24
00-captcha-init.conf
Normal file
24
00-captcha-init.conf
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
# /etc/nginx/conf.d/00-captcha-init.conf
|
||||
lua_package_path "/etc/nginx/lua/?.lua;;";
|
||||
|
||||
# A resolver is required by ngx.location.capture -> proxy_pass to Cloudflare.
|
||||
resolver 1.1.1.1 1.0.0.1 8.8.8.8 ipv6=off valid=300s;
|
||||
resolver_timeout 5s;
|
||||
|
||||
# Trust store + protocols for cosocket TLS (used to call siteverify)
|
||||
lua_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
|
||||
lua_ssl_verify_depth 3;
|
||||
lua_ssl_protocols TLSv1.2 TLSv1.3;
|
||||
|
||||
lua_shared_dict ts_walkaway 10m; # per-IP challenge counters
|
||||
lua_shared_dict ts_reported 1m; # IPs reported recently (15-min cooldown)
|
||||
|
||||
# Pre-load the module so the env file is read once per worker.
|
||||
init_by_lua_block {
|
||||
require("captcha")
|
||||
}
|
||||
|
||||
log_format ts '$remote_addr - $host "$request" $status $body_bytes_sent '
|
||||
'ts=$sent_http_x_turnstile '
|
||||
'rt=$request_time '
|
||||
'ua="$http_user_agent" ref="$http_referer"';
|
||||
Loading…
Add table
Add a link
Reference in a new issue