/Telegram ID Rate Limit Plugin
Telegram ID Rate Limit Plugin
3
v0.1.2
Traefik Plugin For Rate Limiting Incoming Telegram Messages
This traefik plugin allows you to define limits for incoming telegram messages based on the messages' IDs. Define exceptions for certain IDs with higher limits and to block certain IDs at all.
Sample configuration
The following code snippet is a sample configuration for the dynamic file based provider, but this plugin works with all other configuration providers as well.
# config.ymlapi:dashboard: trueinsecure: true # do not use `insecure: true` in productionexperimental:plugins:traefik-telegram-ratelimiter:moduleName: github.com/bitzlato/traefik-telegram-ratelimiterversion: "v0.1.0"entryPoints:https:address: ":443"forwardedHeaders:insecure: trueproviders:file:filename: rules.yml# rules.ymlhttp:routers:my-router:entryPoints:- httpsmiddlewares:- tg-ratelimit- strip-webhookservice: tg-botrule: Path(`/webhook/tg-bot`)services:tg-bot:loadBalancer:servers:- url: http://tg-bot:8000middlewares:tg-ratelimit:plugin:traefik-telegram-ratelimiter:hitTableSize: 50000limit: 6000whitelistLimit: -1expire: 86400 # 24 hourswhitelist: "/srv/config/tg-bot/whitelist.ids"whitelistURL: "https://server.com/whitelist.ids"blacklist: "/srv/config/tg-bot/blacklist.ids"blacklistURL: "https://server.com/blacklist.ids"listPolling: 60console: trueconsoleAddress: ":8888"strip-webhook:stipPrefix:prefixes:- "/webhook/tg-bot"
Configuration
This plugin supports the following configuration parameters:
- hitTableSize -- maximum size of the table to keep hit records. On overflow the oldest records will be overwritten with the new ones. Default value:
50000 - expire -- the duration in seconds to keep the ID record since the first occurence of the ID in the incoming telegram message. After that time the hits with the same ID will start to count since 0 again. Default value:
86400(24 hours) - limit -- maximum number of hits (messages) to allow during the
expireperiod.-1means the limit is not applied.0-- no hits allowed at all. Default value:-1(do not apply hit limit) - whitelistLimit -- maximum number of hits to allow for IDs found in the
whitelistfile. Has the same special cases as for thelimitparameter. Default value:-1(do not apply hit limit) - whitelist -- path to the file containing telegram IDs to apply
whitelistLimitto. The file should contain each numeric ID on a separate line. Default value:nil - whitelistURL -- URL of the resource returning whilisted IDs. The same requirements as for
blacklistfile. Default:nil - blacklist -- path to the file containing telegram IDs to block right away. Hits counting is not applied to the blacklisted IDs. Default value:
nil - blacklistURL -- URL to the resource returning blacklisted IDs. Default:
nil - listPolling -- interval in seconds between periodic whitelist/blacklist updates. No updates when <= 0. Default:
0(no periodic updates) - console -- whether to enable management console
- consoleAddress - management console listener address. Console listener works as a tcp socket
HTTP Management server endpoints
- GET
/hits-- returns hit table. - GET
/hits/<tg id>-- shows accumulated hits for the specified telegram id - DELETE
/hits/<tg id>-- reset hits for the specified telegram id - GET
/list/(wl|bl)/<tg id>-- check whether the telegram id is present in the list. Example:curl http://srv.com:8888/list/bl/123 - PUT
/list/(wl|bl)/<tg id>-- add the telegram id to the specified list - DELETE
/list/(wl|bl)/<tg id>-- remove the telegram id from the specified list - GET
/limit-- returns hit limit for regular ids - PUT
/limit-- set hit limit for regular ids. Example:curl http://srv.com:8888/limit -X PUT -d 20 - GET
/wllimit-- returns hit limit for whitelisted ids - PUT
/wllimit-- set hit limit for whitelisted ids. Example:curl http://srv.com:8888/wllimit -X PUT -d -1