feat: add memory-efficient rate-limit pruning and remove unused worker file from image
Browse files- Dockerfile +0 -1
- health-server.js +8 -0
Dockerfile
CHANGED
|
@@ -30,7 +30,6 @@ WORKDIR /home/node/app
|
|
| 30 |
|
| 31 |
COPY --chown=node:node health-server.js /home/node/app/health-server.js
|
| 32 |
COPY --chown=node:node cloudflare-proxy.js /opt/cloudflare-proxy.js
|
| 33 |
-
COPY --chown=node:node cloudflare-worker.js /home/node/app/cloudflare-worker.js
|
| 34 |
COPY --chown=node:node cloudflare-proxy-setup.py /home/node/app/cloudflare-proxy-setup.py
|
| 35 |
|
| 36 |
# Set NODE_OPTIONS after preload scripts are copied
|
|
|
|
| 30 |
|
| 31 |
COPY --chown=node:node health-server.js /home/node/app/health-server.js
|
| 32 |
COPY --chown=node:node cloudflare-proxy.js /opt/cloudflare-proxy.js
|
|
|
|
| 33 |
COPY --chown=node:node cloudflare-proxy-setup.py /home/node/app/cloudflare-proxy-setup.py
|
| 34 |
|
| 35 |
# Set NODE_OPTIONS after preload scripts are copied
|
health-server.js
CHANGED
|
@@ -78,6 +78,14 @@ function isRateLimited(req) {
|
|
| 78 |
return recent.length > UPTIMEROBOT_RATE_MAX;
|
| 79 |
}
|
| 80 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 81 |
function isAllowedUptimeSetupOrigin(req) {
|
| 82 |
const host = String(req.headers.host || "").toLowerCase();
|
| 83 |
const origin = String(req.headers.origin || "").toLowerCase();
|
|
|
|
| 78 |
return recent.length > UPTIMEROBOT_RATE_MAX;
|
| 79 |
}
|
| 80 |
|
| 81 |
+
// Prune stale rate-limit buckets every 5 minutes to prevent unbounded growth.
|
| 82 |
+
setInterval(() => {
|
| 83 |
+
const cutoff = Date.now() - UPTIMEROBOT_RATE_WINDOW_MS;
|
| 84 |
+
for (const [ip, timestamps] of uptimerobotRateMap) {
|
| 85 |
+
if (timestamps.every((ts) => ts < cutoff)) uptimerobotRateMap.delete(ip);
|
| 86 |
+
}
|
| 87 |
+
}, 5 * 60 * 1000).unref();
|
| 88 |
+
|
| 89 |
function isAllowedUptimeSetupOrigin(req) {
|
| 90 |
const host = String(req.headers.host || "").toLowerCase();
|
| 91 |
const origin = String(req.headers.origin || "").toLowerCase();
|