diff --git a/d1/nginx_config.py b/d1/nginx_config.py index 07e4627..fd9dff5 100644 --- a/d1/nginx_config.py +++ b/d1/nginx_config.py @@ -220,6 +220,23 @@ def ssl(input_json, output_conf): upstream_servers = [] server_names = [] + ssh_proxy_download_rate = ssl_nginx['stream_server'].get( + 'ssh_proxy_download_rate', + 128 * 1024, + ) + ssh_proxy_upload_rate = ssl_nginx['stream_server'].get( + 'ssh_proxy_upload_rate', + 128 * 1024, + ) + web_proxy_download_rate = ssl_nginx['stream_server'].get( + 'web_proxy_download_rate', + 128 * 1024 * 1024, + ) + web_proxy_upload_rate = ssl_nginx['stream_server'].get( + 'web_proxy_upload_rate', + 128 * 1024 * 1024, + ) + if 'by_server_name' in ssl_nginx['stream_server']: for k, v in ssl_nginx['stream_server']['by_server_name'].items(): upstream_servers.append( @@ -260,6 +277,15 @@ stream { "TLSv1.3" $upstream_server_name; } + map $upstream_protocol $proxy_download_rate { + web {web_proxy_download_rate}; + ssh {ssh_proxy_download_rate}; + } + map $upstream_protocol $proxy_upload_rate { + web {web_proxy_upload_rate}; + ssh {ssh_proxy_upload_rate}; + } + map $ssl_preread_server_name $upstream_server_name { default web; {server_names} @@ -270,7 +296,12 @@ stream { listen 443; ssl_preread on; + proxy_pass $upstream_protocol; + + proxy_download_rate $proxy_download_rate; + proxy_upload_rate $proxy_upload_rate; + # proxy_upload_rate 10k; } } '''.replace( @@ -280,6 +311,14 @@ stream { ]), ).replace( '{ssh_section}', ssh_section, + ).replace( + '{web_proxy_download_rate}', '%d' % web_proxy_download_rate, + ).replace( + '{ssh_proxy_download_rate}', '%d' % ssh_proxy_download_rate, + ).replace( + '{web_proxy_upload_rate}', '%d' % web_proxy_upload_rate, + ).replace( + '{ssh_proxy_upload_rate}', '%d' % ssh_proxy_upload_rate, ).replace( '{server_names}', ''.join([ ' ' + o + '\n'