lua - move global vars from lua to site config (untested)

confs/site/log-lua.conf

@@ -1,11 +1,15 @@
 log_by_lua_block {
 
-local use_bad_behavior	= %USE_BAD_BEHAVIOR%
-
-local behavior		= require "behavior"
+-- bad behavior
+local use_bad_behavior		= %USE_BAD_BEHAVIOR%
+local behavior			= require "behavior"
+local bad_behavior_status_codes = {%BAD_BEHAVIOR_STATUS_CODES%}
+local bad_behavior_threshold    = %BAD_BEHAVIOR_THRESHOLD%
+local bad_behavior_count_time   = %BAD_BEHAVIOR_COUNT_TIME%
+local bad_behavior_ban_time     = %BAD_BEHAVIOR_BAN_TIME%
 
 if use_bad_behavior then
-	behavior.count()	
+	behavior.count(bad_behavior_status_code, bad_behavior_threshold, bad_behavior_count_time, bad_behavior_ban_time)
 end
 
 }

confs/site/main-lua.conf

@@ -3,23 +3,48 @@ set $session_check_addr on;
 
 access_by_lua_block {
 
+-- let's encrypt
 local use_lets_encrypt		= %USE_LETS_ENCRYPT%
-local use_whitelist_ip		= %USE_WHITELIST_IP%
-local use_whitelist_reverse	= %USE_WHITELIST_REVERSE%
+
+-- external blacklists
 local use_user_agents		= %USE_USER_AGENTS%
 local use_proxies		= %USE_PROXIES%
 local use_abusers		= %USE_ABUSERS%
 local use_tor_exit_nodes	= %USE_TOR_EXIT_NODES%
 local use_referrers		= %USE_REFERRERS%
+
+-- countries
 local use_country		= %USE_COUNTRY%
-local use_blacklist_ip		= %USE_BLACKLIST_IP%
-local use_blacklist_reverse	= %USE_BLACKLIST_REVERSE%
-local use_dnsbl			= %USE_DNSBL%
+
+-- crowdsec
 local use_crowdsec		= %USE_CROWDSEC%
+
+-- antibot
 local use_antibot_cookie	= %USE_ANTIBOT_COOKIE%
 local use_antibot_javascript	= %USE_ANTIBOT_JAVASCRIPT%
 local use_antibot_captcha	= %USE_ANTIBOT_CAPTCHA%
 local use_antibot_recaptcha	= %USE_ANTIBOT_RECAPTCHA%
+
+-- resolvers
+local dns_resolvers		= %DNS_RESOLVERS%
+
+-- whitelist
+local use_whitelist_ip		= %USE_WHITELIST_IP%
+local use_whitelist_reverse	= %USE_WHITELIST_REVERSE%
+local whitelist_ip_list		= %WHITELIST_IP_LIST%
+local whitelist_reverse_list	= %WHITELIST_REVERSE_LIST%
+
+-- blacklist
+local use_blacklist_ip		= %USE_BLACKLIST_IP%
+local use_blacklist_reverse	= %USE_BLACKLIST_REVERSE%
+local blacklist_ip_list		= %BLACKLIST_IP_LIST%
+local blacklist_reverse_list	= %BLACKLIST_REVERSE_LIST%
+
+-- dnsbl
+local use_dnsbl			= %USE_DNSBL%
+local dnsbl_list		= %DNSBL_LIST%
+
+-- bad behavior
 local use_bad_behavior		= %USE_BAD_BEHAVIOR%
 
 -- include LUA code
@@ -61,14 +86,14 @@ end
 
 -- check if IP is whitelisted (only if not in cache)
 if use_whitelist_ip and not whitelist.ip_cached() then
-	if whitelist.check_ip() then
+	if whitelist.check_ip(whitelist_ip_list) then
 		ngx.exit(ngx.OK)
 	end
 end
 
 -- check if reverse is whitelisted (only if not in cache)
 if use_whitelist_reverse and not whitelist.reverse_cached() then
-	if whitelist.check_reverse() then
+	if whitelist.check_reverse(whitelist_reverse_list) then
 		ngx.exit(ngx.OK)
 	end
 end
@@ -88,14 +113,14 @@ end
 
 -- check if IP is blacklisted (only if not in cache)
 if use_blacklist_ip and not blacklist.ip_cached() then
-	if blacklist.check_ip() then
+	if blacklist.check_ip(blacklist_ip_list) then
 		ngx.exit(ngx.HTTP_FORBIDDEN)
 	end
 end
 
 -- check if reverse is blacklisted (only if not in cache)
 if use_blacklist_reverse and not blacklist.reverse_cached() then
-	if blacklist.check_reverse() then
+	if blacklist.check_reverse(blacklist_reverse_list, dns_resolvers) then
 		ngx.exit(ngx.HTTP_FORBIDDEN)
 	end
 end
@@ -197,7 +222,7 @@ end
 
 -- check if IP is in DNSBLs (only if not in cache)
 if use_dnsbl and not dnsbl.cached() then
-	if dnsbl.check() then
+	if dnsbl.check(dnsbl_list, dns_resolvers) then
 		ngx.exit(ngx.HTTP_FORBIDDEN)
 	end
 end