fastgitorg / nginx-conf Goto Github PK
View Code? Open in Web Editor NEW⚙️ Nginx conf of FastGit, core part of fastgit web booster module
License: Other
⚙️ Nginx conf of FastGit, core part of fastgit web booster module
License: Other
如题,现在的反黑 bot 配置是这样的:
# Block search engine
# if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot")
# {
# return 403;
# }
# Anti Agent Bot DDoS
# If behind CDN, use folloing commented code
# if ($http_x_forwarded_for != $remote_addr) {
# return 503;
# }
if ($proxy_add_x_forwarded_for != $remote_addr) {
return 503;
}
——我很欣赏这种土方法,真的(抹眼泪
之所以先发 Issue 来征询意见是因为我使用 nginx-ultimate-bad-bot-blocker
的经验也不是很长,本着负责任的态度,问问看其他人对这个或其他类似项目是怎么看的
我个人网站是无所谓怎么误伤国内访客/爬虫的,但对贵项目来说这个项目却不一定适合,有意向做些考察的话,请参考:https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
Same to the title. Raw has its own rules which different to hub. It needs more rules to anti abuse.
remote: Invalid username or password.
fatal: Authentication failed for 'https://[email protected]/eurydyce/MDANSE.git/'
The same as the title. :<
nginx-conf/install-debian10.sh
Lines 84 to 93 in aea1df4
增加可用代码检阅配置。可用代码也许为:
pemUrl =
keyUrl =
...
if [ -n $pemUrl -a -n $keyUrl]; then
curl $pemUri > /var/www/cert/fg.pem
curl $keyUrl > /var/www/cert/fg.key
systemctl start nginx
systemctl reload nginx
else
echo "Please put cert(fg.pem) and key(fg.key) to /var/www/cert/"
echo "Then reload nginx."
echo "Thank you! :D"
fi
本代码并没有进行任何检测!
现在有个软件通过ajax下载插件,是通过github的/releases/download/来安装的。
由于fastgit的header中没有跨域的相关配置,所以无法在应用中下载到数据。
这里不管是直接使用https://download.fastgit.org/xxx/xxx/releases/download/xxx/xxx.json
还是https://hub.fastgit.org/xxx/xxx/releases/download/xxx/xxx.json
都无法在跨域的情况下访问。
建议添加类似的信息在header里面:
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
https://codeload.github.com/A/A/legacy.zip/refs/tags/$ will not work.
nginx-conf/archive.fastgit.org.conf
Line 48 in 6c875c5
we should add a codeload proxy
issue中插入的图片,域名是user-images.githubusercontent.com
很多项目中md文件中的图片域名是 camo.githubusercontent.com
https://docs.github.com/en/rest/reference/repos#releases
改写assets 中的 browser_download_url 到使用 download.fastgit.org 域
环境:CentOS Linux release 7.6.1810 (Core)
git版本:1.8.3.1
克隆仓库:https://github.com/EpicGames/UnrealEngine.git
代理方式:git config --global url."https://hub.fastgit.org".insteadOf https://github.com 或者 fgit
gitconfig:
[http]
lowSpeedLimit = 0
lowSpeedTime = 999999
postBuffer = 1048576000
[core]
compression = -1
[url "https://hub.fastgit.org"]
insteadOf = https://github.com
报错:
...
...
...
...
* Couldn't find host hub.fastgit.org in the .netrc file; using defaults
* About to connect() to hub.fastgit.org port 443 (#2)
* Trying 101.32.191.80...
* Connected to hub.fastgit.org (101.32.191.80) port 443 (#2)
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=*.fastgit.org
* start date: May 01 14:23:06 2020 GMT
* expire date: May 02 14:23:06 2021 GMT
* common name: *.fastgit.org
* issuer: CN=AlphaSSL CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE
* Server auth using Basic with user 'xxxxxxxxxxxx'
> POST /EpicGames/UnrealEngine.git/git-upload-pack HTTP/1.1
Authorization: Basic xxxxxxxxxxxx
User-Agent: git/1.8.3.1
Host: hub.fastgit.org
Accept-Encoding: gzip
Content-Type: application/x-git-upload-pack-request
Accept: application/x-git-upload-pack-result
Content-Encoding: gzip
Content-Length: 6581
* upload completely sent off: 6581 out of 6581 bytes
< HTTP/1.1 200 OK
< Server: nginx
< Date: Sun, 24 Jan 2021 12:16:29 GMT
< Content-Type: application/x-git-upload-pack-result
< Transfer-Encoding: chunked
< Connection: keep-alive
< expires: Fri, 01 Jan 1980 00:00:00 GMT
< pragma: no-cache
< Cache-Control: no-cache, max-age=0, must-revalidate
< Vary: Accept-Encoding
< X-Frame-Options: DENY
< X-GitHub-Request-Id: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
< x-pjax-url: https://hub.fastgit.org/EpicGames/UnrealEngine.git/git-upload-pack
< X-FastGit-Node: tc-hk-2
<
packet: fetch-pack< NAK
packet: fetch-pack> 0000
packet: fetch-pack< \2Enumerating objects: 3101936\15
packet: fetch-pack< \2Enumerating objects: 1, done.
remote: Enumerating objects: 1, done.
packet: fetch-pack< \2Counting objects: 100% (1/1)\15Counting objects: 100% (1/1), done.
remote: Counting objects: 100% (1/1), done.
trace: run_command: 'index-pack' '--stdin' '-v' '--fix-thin' '--keep=fetch-pack 17086 on <ip>' '--pack_header=2,3101937'
trace: exec: 'git' 'index-pack' '--stdin' '-v' '--fix-thin' '--keep=fetch-pack 17086 on <ip>' '--pack_header=2,3101937'
trace: built-in: git 'index-pack' '--stdin' '-v' '--fix-thin' '--keep=fetch-pack 17086 on <ip>' '--pack_header=2,3101937'
* transfer closed with outstanding read data remaining.35 MiB/s
* Closing connection 2
error: RPC failed; result=18, HTTP code = 200
fatal: The remote end hung up unexpectedly
fatal: early EOF
fatal: index-pack failed
我在尝试用本项目部署一个Github镜像站, 但是遇到了一些问题.
项目中没有 codeload.fastgit.org.conf 和 customer-stories-feed.fastgit.org.conf
并且镜像站没有办法登录Github账号, 请求 https://域名/sessions/verified-device/mobile_poll 会返回 502
我今天意外发现,同一个 Github 文件,
如果使用 raw.fastgit.org
,那么会是原始尺寸,检查头部没有发现压缩相关标识,即没有经过压缩。
如果通过 raw.githubusercontent.com
访问,那么会默认 Gzip 压缩,文件会小很多。
我也去看了一下其他的 Github Raw 加速服务,全部都进行了 Gzip 压缩以此来减少服务器流量、宽带,因此比较奇怪为什么 FastGit 没有这么做,是有什么特殊原因吗?或者这是一个错误?。。。
毕竟适当的压缩等级对服务器压力并不大,但却可以大幅降低服务器流量、宽带。
Refer FastGitORG/discussion#15
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.