# IdS rate limits
# Same limit zone is used in all ids virtual host. Below serves good for
# one IdS HA pair. Add and include separate zones for new IdS clusters
# configured on same proxy.
# IdS connection is established by end user in following scenarios:
# - IdS calls in SSO flow via browser redirects - authorize, saml response processing
# - IdS status check during cert acceptance check post login
# For all the above single connection to an IdS should suffice which makes 2 for HA cluster
# Adding some buffer to it
limit_conn idshttp1connperip ${NGX_IDS_HTTP1_CONN_LIMIT};
limit_conn idshttp2connperip ${NGX_IDS_HTTP2_CONN_LIMIT};
limit_req zone=idsratelimit burst=${NGX_IDS_REQUEST_BURST_LIMIT} nodelay;

# referer_hash_bucket_size value
referer_hash_bucket_size ${NGX_IDS_REFERER_HASH_BUCKET_SIZE};

# Ensure the maximum body size for URIs is defined
client_max_body_size ${NGX_CLIENT_MAX_BODY_SIZE};
# Ensure the maximum buffer size for URIs is defined
large_client_header_buffers ${NGX_LARGE_CLIENT_HEADER_BUFFER_NUM} ${NGX_LARGE_CLIENT_HEADER_BUFFER_SIZE};

# Timeouts configuration
keepalive_timeout ${NGX_KEEPALIVE_TIMEOUT};
client_header_timeout ${NGX_CLIENT_HEADER_TIMEOUT};
client_body_timeout ${NGX_CLIENT_BODY_TIMEOUT};
