From 327e6d338cf6dbdbb8b0a13c0d15bac4672364ab Mon Sep 17 00:00:00 2001
From: VC <veretcle+framagit@mateu.be>
Date: Fri, 5 Jul 2024 11:53:39 +0200
Subject: [PATCH] feat: new authorization

---
 .../templates/vhosts/btf.mateu.be.conf.j2     | 20 +++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/roles/nginx/templates/vhosts/btf.mateu.be.conf.j2 b/roles/nginx/templates/vhosts/btf.mateu.be.conf.j2
index 76c318b..1a3e174 100644
--- a/roles/nginx/templates/vhosts/btf.mateu.be.conf.j2
+++ b/roles/nginx/templates/vhosts/btf.mateu.be.conf.j2
@@ -1,12 +1,24 @@
+{% set allowed_ips=['10.233.212.64/27', '163.172.112.19', '2a01:e0a:9bd:2811::/64', '2a01:e0a:9bd:2810::/64', '130.180.219.188'] -%}
 server {
 {% include './templates/header.conf.j2' %}
+
 	location / {
+		deny all;
+	}
+	location /bt {
 		root /var/lib/transmission-daemon/downloads/;
 		autoindex on;
-		allow 10.233.212.64/27;
-		allow 163.172.112.19;
-		allow 2a01:e0a:9bd:2811::/64;
-		allow 2a01:e0a:9bd:2810::/64;
+		{% for allowed_ip in allowed_ips -%}
+		allow {{ allowed_ip }};
+		{% endfor -%}
+		deny all;
+	}
+	location /tank {
+		root /net/;
+		autoindex on;
+		{% for allowed_ip in allowed_ips -%}
+		allow {{ allowed_ip }};
+		{% endfor -%}
 		deny all;
 	}
 }