gnezim/flights_web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

WAF rate-limit mitigation: nginx /api cache + Playwright throttle

Browse Source 
(A) Add proxy_cache zone for ui-dashboard.gnerim.ru. /api/ caches 200 for
1m, /map/api/ for 24h. proxy_cache_use_stale serves cached content during
upstream errors (incl. 403 from WAF rate limit). proxy_cache_lock collapses
concurrent fetches for the same URI. Cache zone declared in conf.d/ (must
be in http{} context).

(B) Playwright workers=2, retries=2 in CI. Cuts the parallel burst that
trips the WAF before nginx cache warms up; retries handle the residual
flake.

setup-pve201.sh now installs the conf.d cache file and pre-creates the
cache dir with nginx-user ownership.
This commit is contained in:
Anton
2026-04-27 16:40:44 +03:00
parent f17961d523
commit b0e9aafed2
4 changed files with 66 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
playwright.config.ts
+7
View File
@@ -3,9 +3,16 @@ import { defineConfig } from "@playwright/test";
const baseURL = process.env.BASE_URL ?? "http://localhost:8080";
const startLocalServer = !process.env.BASE_URL;
// CI: throttle workers + retry transient flake (the upstream WAF rate-limits
// /api/* by source IP; nginx proxy_cache absorbs most repeat fetches but a
// burst can still trip 1-2 of them).
const isCI = !!process.env.CI;
export default defineConfig({
testDir: "tests/e2e",
timeout: 30000,
workers: isCI ? 2 : undefined,
retries: isCI ? 2 : 0,
use: {
baseURL,
headless: true,