Allow HTTP request body up to 4 MB. The default is 1 MB, which is too small for
face embeddings for photos with more than a couple of hundred faces.
Roughly, each face embedding is 4KB, but encrypting and base-64-ing the
embedding also has a 30% addition (just from one sample I saw), so this should
allow photos with ~700 faces to go through.
Ref:
- https://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size
During recent DDoS attacks, these restart limits had to be manually
disabled. For now, disabling them in our reference copy too, will bring them
back if they are needed later.
Add a dotted arrow between museum and the hot object storage to indicate that
clients talk directly to the primary S3 storage.
This has confused some users who were trying to setup self-hosting, them not
realizing that the minio buckets need to be accessible outside the container.
The actual flow is - for both GET and PUT, museum conjures up pre-signed URLs by
talking to the S3 bucket, and vends these pre-signed URLs back to the
client. Thereafter though (unless routed via a Cloudflare worker, which is not
the case when self-hosting), the clients directly connect to this presigned URL.
Maybe too much information to convey with a single dotted arrow, but at least
it'll give a hint that there is a direct connection there somewhere.
