danielr18 · August 17, 2021 02:51
diff --git a/gistfile1.txt b/gistfile1.txt
 #!/bin/bash

 # Config
 SITE=$1 #back.example.com
 PHP_SOCKET_FILE=$2 #=/run/php/php7.4-...
 CACHE_VALID_TIME="${3:-1m}" # Queries remain in cache for 1 minute
 REQUEST_LIMIT_SECOND="${4:-4}" # Up to 4 queries per second
 MAX_QUEUED_REQUESTS="${5:-200}" # Up to 200 queries in queue

 # Nginx Before configs
 mkdir -p /cache/graphql/$SITE
 cat > /etc/nginx/sites-available/$SITE/before/graphql.conf << ENDOFFILE
 fastcgi_cache_path /cache/graphql/$SITE levels=1:2 keys_zone=graphql-cache_$SITE:16m max_size=1g inactive=24h use_temp_path=off;
 limit_req_zone all zone=graphql-limit_$SITE:1m rate=${REQUEST_LIMIT_SECOND}r/s;
 ENDOFFILE

 cat > /etc/nginx/sites-available/$SITE/before/log_format.conf << ENDOFFILE
 log_format enhanced_$SITE '"\$time_local" client=\$remote_addr '
               'method=\$request_method request="\$request" '
               'request_length=\$request_length '
               'status=$status bytes_sent=\$bytes_sent '
               'body_bytes_sent=\$body_bytes_sent '
               'referer=\$http_referer '
               'user_agent="\$http_user_agent" '
               'upstream_addr=\$upstream_addr '
               'upstream_status=\$upstream_status '
               'upstream_cache_status=\$upstream_cache_status '
               'request_time=\$request_time '
               'upstream_response_time=\$upstream_response_time '
               'upstream_connect_time=\$upstream_connect_time '
               'upstream_header_time=\$upstream_header_time';
 ENDOFFILE

 # Nginx Server configs
 cat > /etc/nginx/sites-available/$SITE/server/enhanced_logs.conf << ENDOFFILE
 access_log /sites/$SITE/logs/access.log enhanced_$SITE;
 ENDOFFILE

 cat > /etc/nginx/sites-available/$SITE/server/graphql.conf << ENDOFFILE
 # Catch the wordpress cookies.
 # Must be set to blank first for when they don't exist.
 set \$wordpress_auth "";
 if (\$http_cookie ~* "wordpress_logged_in_[^=]*=([^%]+)%7C") {
    set \$wordpress_auth wordpress_logged_in_\$1;
 }

 location @graphql {
  try_files \$uri =404;
  fastcgi_pass unix:$PHP_SOCKET_FILE;
  include fastcgi.conf;
  fastcgi_cache graphql-cache_$SITE;
  fastcgi_cache_methods GET;
  fastcgi_ignore_headers Cache-Control;
  fastcgi_cache_valid $CACHE_VALID_TIME;
  fastcgi_cache_min_uses 2;
  fastcgi_cache_background_update on;
  fastcgi_cache_bypass \$wordpress_auth; # Do not serve response from cache.
  fastcgi_no_cache \$wordpress_auth; # Do not cache the response.
  limit_req zone=graphql-limit_$SITE burst=$MAX_QUEUED_REQUESTS delay=${REQUEST_LIMIT_SECOND};
 }
 ENDOFFILE


 # Nginx Location configs
 cat > /etc/nginx/sites-available/$SITE/location/graphql.conf << ENDOFFILE
 error_page 420 = @graphql;
 if ( \$args ~ ^graphql&) { return 420; }
 if ( \$request_uri ~ ^/graphql(\?|\$)) { return 420; }
 ENDOFFILE
	#!/bin/bash

	# Config
	SITE=$1 #back.example.com
	PHP_SOCKET_FILE=$2 #=/run/php/php7.4-...
	CACHE_VALID_TIME="${3:-1m}" # Queries remain in cache for 1 minute
	REQUEST_LIMIT_SECOND="${4:-4}" # Up to 4 queries per second
	MAX_QUEUED_REQUESTS="${5:-200}" # Up to 200 queries in queue

	# Nginx Before configs
	mkdir -p /cache/graphql/$SITE
	cat > /etc/nginx/sites-available/$SITE/before/graphql.conf << ENDOFFILE
	fastcgi_cache_path /cache/graphql/$SITE levels=1:2 keys_zone=graphql-cache_$SITE:16m max_size=1g inactive=24h use_temp_path=off;
	limit_req_zone all zone=graphql-limit_$SITE:1m rate=${REQUEST_LIMIT_SECOND}r/s;
	ENDOFFILE

	cat > /etc/nginx/sites-available/$SITE/before/log_format.conf << ENDOFFILE
	log_format enhanced_$SITE '"\$time_local" client=\$remote_addr '
	'method=\$request_method request="\$request" '
	'request_length=\$request_length '
	'status=$status bytes_sent=\$bytes_sent '
	'body_bytes_sent=\$body_bytes_sent '
	'referer=\$http_referer '
	'user_agent="\$http_user_agent" '
	'upstream_addr=\$upstream_addr '
	'upstream_status=\$upstream_status '
	'upstream_cache_status=\$upstream_cache_status '
	'request_time=\$request_time '
	'upstream_response_time=\$upstream_response_time '
	'upstream_connect_time=\$upstream_connect_time '
	'upstream_header_time=\$upstream_header_time';
	ENDOFFILE

	# Nginx Server configs
	cat > /etc/nginx/sites-available/$SITE/server/enhanced_logs.conf << ENDOFFILE
	access_log /sites/$SITE/logs/access.log enhanced_$SITE;
	ENDOFFILE

	cat > /etc/nginx/sites-available/$SITE/server/graphql.conf << ENDOFFILE
	# Catch the wordpress cookies.
	# Must be set to blank first for when they don't exist.
	set \$wordpress_auth "";
	if (\$http_cookie ~* "wordpress_logged_in_[^=]*=([^%]+)%7C") {
	set \$wordpress_auth wordpress_logged_in_\$1;
	}

	location @graphql {
	try_files \$uri =404;
	fastcgi_pass unix:$PHP_SOCKET_FILE;
	include fastcgi.conf;
	fastcgi_cache graphql-cache_$SITE;
	fastcgi_cache_methods GET;
	fastcgi_ignore_headers Cache-Control;
	fastcgi_cache_valid $CACHE_VALID_TIME;
	fastcgi_cache_min_uses 2;
	fastcgi_cache_background_update on;
	fastcgi_cache_bypass \$wordpress_auth; # Do not serve response from cache.
	fastcgi_no_cache \$wordpress_auth; # Do not cache the response.
	limit_req zone=graphql-limit_$SITE burst=$MAX_QUEUED_REQUESTS delay=${REQUEST_LIMIT_SECOND};
	}
	ENDOFFILE


	# Nginx Location configs
	cat > /etc/nginx/sites-available/$SITE/location/graphql.conf << ENDOFFILE
	error_page 420 = @graphql;
	if ( \$args ~ ^graphql&) { return 420; }
	if ( \$request_uri ~ ^/graphql(\?\|\$)) { return 420; }
	ENDOFFILE