performance - move bad user-agents and referrers checks from nginx to LUA with caching

entrypoint/global-config.sh

@@ -113,18 +113,22 @@ fi
 
 # block bad UA
 if [ "$(has_value BLOCK_USER_AGENT yes)" != "" ] ; then
-	replace_in_file "/etc/nginx/nginx.conf" "%BLOCK_USER_AGENT%" "include /etc/nginx/map-user-agent.conf;"
 	echo "$BLOCK_USER_AGENT_CRON /opt/scripts/user-agents.sh" >> /etc/crontabs/nginx
+	replace_in_file "/etc/nginx/nginx.conf" "%BLOCK_USER_AGENTS%" "lua_shared_dict user_agents_data 1m; lua_shared_dict user_agents_cache 10m;"
+	replace_in_file "/etc/nginx/init-lua.conf" "%USE_USER_AGENTS%" "true"
 else
-	replace_in_file "/etc/nginx/nginx.conf" "%BLOCK_USER_AGENT%" ""
+	replace_in_file "/etc/nginx/nginx.conf" "%BLOCK_USER_AGENTS%" ""
+	replace_in_file "/etc/nginx/init-lua.conf" "%USE_USER_AGENTS%" "false"
 fi
 
 # block bad refferer
 if [ "$(has_value BLOCK_REFERRER yes)" != "" ] ; then
-	replace_in_file "/etc/nginx/nginx.conf" "%BLOCK_REFERRER%" "include /etc/nginx/map-referrer.conf;"
 	echo "$BLOCK_REFERRER_CRON /opt/scripts/referrers.sh" >> /etc/crontabs/nginx
+	replace_in_file "/etc/nginx/nginx.conf" "%BLOCK_REFERRERS%" "lua_shared_dict referrers_data 1m; lua_shared_dict referrers_cache 10m;"
+	replace_in_file "/etc/nginx/init-lua.conf" "%USE_REFERRERS%" "true"
 else
-	replace_in_file "/etc/nginx/nginx.conf" "%BLOCK_REFERRER%" ""
+	replace_in_file "/etc/nginx/nginx.conf" "%BLOCK_REFERRERS%" ""
+	replace_in_file "/etc/nginx/init-lua.conf" "%USE_REFERRERS%" "false"
 fi
 
 # block TOR exit nodes

entrypoint/jobs.sh

@@ -19,9 +19,9 @@ fi
 
 # User-Agents
 if [ "$(has_value BLOCK_USER_AGENT yes)" != "" ] ; then
-	if [ -f "/cache/map-user-agent.conf" ] ; then
-		echo "[*] Copying cached map-user-agent.conf ..."
-		cp /cache/map-user-agent.conf /etc/nginx/map-user-agent.conf
+	if [ -f "/cache/user-agents.list" ] ; then
+		echo "[*] Copying cached user-agents.list ..."
+		cp /cache/user-agents.list /etc/nginx/user-agents.list
 	else
 		echo "[*] Downloading bad user-agent list (in background) ..."
 		/opt/scripts/user-agents.sh > /dev/null 2>&1 &
@@ -30,9 +30,9 @@ fi
 
 # Referrers
 if [ "$(has_value BLOCK_REFERRER yes)" != "" ] ; then
-	if [ -f "/cache/map-referrer.conf" ] ; then
-		echo "[*] Copying cached map-referrer.conf ..."
-		cp /cache/map-referrer.conf /etc/nginx/map-referrer.conf
+	if [ -f "/cache/referrers.list" ] ; then
+		echo "[*] Copying cached referrers.list ..."
+		cp /cache/referrers.list /etc/nginx/referrers.list
 	else
 		echo "[*] Downloading bad referrer list (in background) ..."
 		/opt/scripts/referrers.sh > /dev/null 2>&1 &
@@ -41,9 +41,9 @@ fi
 
 # exit nodes
 if [ "$(has_value BLOCK_TOR_EXIT_NODE yes)" != "" ] ; then
-	if [ -f "/cache/block-tor-exit-node.conf" ] ; then
-		echo "[*] Copying cached block-tor-exit-node.conf ..."
-		cp /cache/block-tor-exit-node.conf /etc/nginx/block-tor-exit-node.conf
+	if [ -f "/cache/tor-exit-nodes.list" ] ; then
+		echo "[*] Copying cached tor-exit-nodes.list ..."
+		cp /cache/tor-exit-nodes.list /etc/nginx/tor-exit-nodes.list
 	else
 		echo "[*] Downloading tor exit nodes list (in background) ..."
 		/opt/scripts/exit-nodes.sh > /dev/null 2>&1 &
@@ -52,9 +52,9 @@ fi
 
 # proxies
 if [ "$(has_value BLOCK_PROXIES yes)" != "" ] ; then
-	if [ -f "/cache/block-proxies.conf" ] ; then
-		echo "[*] Copying cached block-proxies.conf ..."
-		cp /cache/block-proxies.conf /etc/nginx/block-proxies.conf
+	if [ -f "/cache/proxies.list" ] ; then
+		echo "[*] Copying cached proxies.list ..."
+		cp /cache/proxies.list /etc/nginx/proxies.list
 	else
 		echo "[*] Downloading proxies list (in background) ..."
 		/opt/scripts/proxies.sh > /dev/null 2>&1 &
@@ -63,9 +63,9 @@ fi
 
 # abusers
 if [ "$(has_value BLOCK_ABUSERS yes)" != "" ] ; then
-	if [ -f "/cache/block-abusers.conf" ] ; then
-		echo "[*] Copying cached block-abusers.conf ..."
-		cp /cache/block-abusers.conf /etc/nginx/block-abusers.conf
+	if [ -f "/cache/abusers.list" ] ; then
+		echo "[*] Copying cached abusers.list ..."
+		cp /cache/abusers.list /etc/nginx/abusers.list
 	else
 		echo "[*] Downloading abusers list (in background) ..."
 		/opt/scripts/abusers.sh > /dev/null 2>&1 &

entrypoint/site-config.sh

@@ -278,7 +278,7 @@ fi
 
 # block bad UA
 if [ "$BLOCK_USER_AGENT" = "yes" ] ; then
-	replace_in_file "${NGINX_PREFIX}main-lua.conf" "%USE_USER_AGENT%" "true"
+	replace_in_file "${NGINX_PREFIX}main-lua.conf" "%USE_USER_AGENTS%" "true"
 	if [ "$WHITELIST_USER_AGENT" != "" ] ; then
 		list=$(spaces_to_lua "$WHITELIST_USER_AGENT")
 		replace_in_file "${NGINX_PREFIX}main-lua.conf" "%WHITELIST_USER_AGENT%" "$list"
@@ -286,7 +286,7 @@ if [ "$BLOCK_USER_AGENT" = "yes" ] ; then
 		replace_in_file "${NGINX_PREFIX}main-lua.conf" "%WHITELIST_USER_AGENT%" ""
 	fi
 else
-	replace_in_file "${NGINX_PREFIX}main-lua.conf" "%USE_USER_AGENT%" "false"
+	replace_in_file "${NGINX_PREFIX}main-lua.conf" "%USE_USER_AGENTS%" "false"
 	replace_in_file "${NGINX_PREFIX}main-lua.conf" "%WHITELIST_USER_AGENT%" ""
 fi
 
@@ -300,7 +300,7 @@ fi
 
 # block bad referrer
 if [ "$BLOCK_REFERRER" = "yes" ] ; then
-	replace_in_file "${NGINX_PREFIX}main-lua.conf" "%USE_REFERRER%" "true"
+	replace_in_file "${NGINX_PREFIX}main-lua.conf" "%USE_REFERRERS%" "true"
 else
 	replace_in_file "${NGINX_PREFIX}main-lua.conf" "%USE_REFERRER%" "false"
 fi