feat: add rate limit allow list

src/common.ts

@@ -67,6 +67,10 @@ export interface ConfigFile {
    * Output?! TODO
    */
   output: string;
+  /**
+   * Allow list for rate limiting
+   */
+  rateLimitAllowList: string[];
   /**
    * SSL file paths
    */
@@ -89,6 +93,10 @@ export interface TemplateView {
    * Listener
    */
   listener: string;
+  /**
+   * Allow list for rate limiting
+   */
+  rateLimitAllowList: string;
   /**
    * Static route
    */

src/main.ts

@@ -15,6 +15,7 @@
  */
 import {Logger} from '@openstapps/logger';
 import Dockerode from 'dockerode';
+import isCidr from 'is-cidr';
 import {render} from 'mustache';
 import {join} from 'path';
 import * as semver from 'semver';
@@ -187,6 +188,17 @@ async function renderTemplate(path: string, view: unknown): Promise<string> {
   return render(content, view);
 }
 
+/**
+ * Generate allow list entries in CIDR notation that pass thru rate limiting
+ *
+ * @param entries Allow list entries that should be in CIDR notation
+ */
+function generateRateLimitAllowList(entries: string[]): string {
+  return entries.filter(entry => isCidr(entry))
+    .map(entry => `${entry} 0;`)
+    .join('\n');
+}
+
 /**
  * Returns view for nginx config file
  *
@@ -213,6 +225,7 @@ export async function getTemplateView(containers: Dockerode.ContainerInfo[]): Pr
     dockerVersionMap: await generateUpstreamMap(configFile.activeVersions, configFile.outdatedVersions, containers),
     hiddenRoutes: (await Promise.all(hiddenRoutesPromises)).join(''),
     listener: generateListener(configFile.sslFilePaths),
+    rateLimitAllowList: generateRateLimitAllowList(configFile.rateLimitAllowList),
     staticRoute: await renderTemplate(join('fixtures', 'staticRoute.template'), {cors}),
     visibleRoutes: (await Promise.all(visibleRoutesPromises)).join(''),
   };