From c11d73c3282608f4e2d6829c48e932061c2bb8c3 Mon Sep 17 00:00:00 2001
From: thiloho <123883702+thiloho@users.noreply.github.com>
Date: Fri, 20 Sep 2024 17:47:25 +0200
Subject: [PATCH] Enable rate limiting and compression for NGINX
---
 nix/module.nix | 12 +++++++++---
 .../website/[websiteId]/categories/+page.server.ts | 1 +
 .../website/[websiteId]/categories/+page.svelte | 5 +++++
 3 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/nix/module.nix b/nix/module.nix
index 52fc37c..3be0a0a 100644
--- a/nix/module.nix
+++ b/nix/module.nix
@@ -131,7 +131,7 @@ in
 };
 script = ''
- REGISTRATION_IS_DISABLED=${toString cfg.disableRegistration} BODY_SIZE_LIMIT=Infinity ORIGIN=https://${cfg.domain} PORT=${toString cfg.webAppPort} ${pkgs.nodejs_22}/bin/node ${cfg.package}/web-app
+ REGISTRATION_IS_DISABLED=${toString cfg.disableRegistration} BODY_SIZE_LIMIT=10M ORIGIN=https://${cfg.domain} PORT=${toString cfg.webAppPort} ${pkgs.nodejs_22}/bin/node ${cfg.package}/web-app
 '';
 };
@@ -154,6 +154,14 @@ in
 enable = true;
 recommendedProxySettings = true;
 recommendedTlsSettings = true;
+ recommendedZstdSettings = true;
+ recommendedOptimisation = true;
+
+ appendHttpConfig = ''
+ limit_req_zone $binary_remote_addr zone=requestLimit:10m rate=5r/s;
+ limit_req_status 429;
+ limit_req zone=requestLimit burst=20 nodelay;
+ '';
 virtualHosts = {
 "${cfg.domain}" = {
@@ -172,8 +180,6 @@ in
 proxyPass = "http://localhost:${toString cfg.apiPort}/";
 extraConfig = ''
 default_type application/json;
- proxy_set_header Connection "";
- proxy_http_version 1.1;
 '';
 };
 "/api/rpc/register" = mkIf cfg.disableRegistration {
diff --git a/web-app/src/routes/(authenticated)/website/[websiteId]/categories/+page.server.ts b/web-app/src/routes/(authenticated)/website/[websiteId]/categories/+page.server.ts
index f16941f..807dd05 100644
--- a/web-app/src/routes/(authenticated)/website/[websiteId]/categories/+page.server.ts
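Review bot: In nix/module.nix, hunk `@@ -131,7 +131,7 @@`, `BODY_SIZE_LIMIT=10M` relies on the Node adapter understanding a unit suffix; adapter releases that predate suffix support read this variable as a plain byte count, so it is worth confirming that the version built into `cfg.package` accepts it, or writing the value in bytes as `BODY_SIZE_LIMIT=10485760`. The limit only covers requests handled by the web-app process, while requests proxied to `cfg.apiPort` are bounded by whatever NGINX body-size setting applies, which this patch does not show. A Nix comment above `script = ''` such as `# 10 MiB upload cap; keep in sync with the NGINX client body size limit` would keep the two values from drifting apart.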
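Review bot: In hunk `@@ -154,6 +154,14 @@`, `limit_req zone=requestLimit burst=20 nodelay;` is placed in `appendHttpConfig`, so it lands in the `http` block and throttles every virtual host this NGINX instance serves, not only `"${cfg.domain}"`. Keeping `limit_req_zone` at http level and moving `limit_req_status 429;` and the `limit_req` line into the `extraConfig` of the `"${cfg.domain}"` virtual host would scope the limit to this application. The zone is keyed on `$binary_remote_addr`, so if NGINX ever sits behind another proxy or load balancer all clients fall into one bucket unless the real client address is restored first; that assumption deserves a comment next to the zone definition. The same 5r/s budget also covers page assets and `/api/` calls alike, so a stricter dedicated zone for authentication routes such as `/api/rpc/register` may be worth adding; the `virtualHosts` block continues past the end of the hunk.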
+++ b/web-app/src/routes/(authenticated)/website/[websiteId]/categories/+page.server.ts
@@ -60,6 +60,7 @@ export const actions: Actions = {
 Authorization: `Bearer ${cookies.get("session_token")}`
 },
 body: JSON.stringify({
+ category_name: data.get("category-name"),
 category_weight: data.get("category-weight")
 })
 }
diff --git a/web-app/src/routes/(authenticated)/website/[websiteId]/categories/+page.svelte b/web-app/src/routes/(authenticated)/website/[websiteId]/categories/+page.svelte
index 71100d9..df9df36 100644
--- a/web-app/src/routes/(authenticated)/website/[websiteId]/categories/+page.svelte
+++ b/web-app/src/routes/(authenticated)/website/[websiteId]/categories/+page.svelte
@@ -89,6 +89,11 @@ > + +
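Review bot: In `+page.server.ts`, hunk `@@ -60,6 +60,7 @@`, the new `category_name: data.get("category-name")` forwards the form value to the API without a server-side check; `FormData.get` returns `null` when the field is missing and a `File` for file inputs, so the JSON body can carry `null` or `{}` as the name. Constraints declared on the form field are enforced by the browser only, so the action should validate before the request is built, for example `const categoryName = data.get("category-name");` followed by `if (typeof categoryName !== "string" || categoryName.trim() === "") { /* return a validation failure */ }`. The existing `category_weight` line follows the same pattern. The action body starts and ends outside the hunk, so an earlier check may already exist there.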