From 57ccf013c4e76b797e8f428ef5c9d18c6382ef40 Mon Sep 17 00:00:00 2001
From: VC <veretcle+framagit@mateu.be>
Date: Thu, 1 May 2025 11:39:39 +0200
Subject: [PATCH] =?UTF-8?q?=E2=9C=A8:=20add=20authorized=20ip?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 inventory/host_vars/bt.yml             | 1 +
 roles/haproxy/templates/haproxy.cfg.j2 | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/inventory/host_vars/bt.yml b/inventory/host_vars/bt.yml
index 5676654..c63aafe 100644
--- a/inventory/host_vars/bt.yml
+++ b/inventory/host_vars/bt.yml
@@ -6,6 +6,7 @@ web_hostname:
   - host: btf.mateu.be
     allowlistv4:
       - 88.175.123.77/32
+      - 109.9.84.47/32
     allowlistv6:
       - 2a01:e0a:9bd:2811::/64
       - 2a01:e0a:9bd:2810::/64
diff --git a/roles/haproxy/templates/haproxy.cfg.j2 b/roles/haproxy/templates/haproxy.cfg.j2
index 114ea8a..702768d 100644
--- a/roles/haproxy/templates/haproxy.cfg.j2
+++ b/roles/haproxy/templates/haproxy.cfg.j2
@@ -80,7 +80,7 @@ frontend https
 	acl host_{{ hostname }} req.ssl_sni -i {{ hostname }}
 {% set host = (hostvars[server].web_hostname | selectattr('host', '==', hostname))[0] %}
 {% if host.allowlistv4 is defined %}
-	acl network_allowed_{{ hostname }} src {% for addrv4 in host.allowlistv4 %}{{ addrv4 }}{% endfor %}
+	acl network_allowed_{{ hostname }} src {% for addrv4 in host.allowlistv4 %} {{ addrv4 }}{% endfor %}
 
 {% endif %}
 	use_backend https_{{ hostvars[server].ansible_host }} if host_{{ hostname }}{% if host.allowlistv4 is defined %} network_allowed_{{ hostname }}{% endif %}