From af4f9130141ad84b2dbfee92dd23a52cfcbfb533 Mon Sep 17 00:00:00 2001 From: VC Date: Sat, 2 Nov 2024 11:20:33 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B:=20fix=20v4=20whitelist?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- roles/haproxy/templates/haproxy.cfg.j2 | 6 +++++- roles/nginx/templates/vhosts/btf.mateu.be.conf.j2 | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/roles/haproxy/templates/haproxy.cfg.j2 b/roles/haproxy/templates/haproxy.cfg.j2 index 5932b85..6456e8a 100644 --- a/roles/haproxy/templates/haproxy.cfg.j2 +++ b/roles/haproxy/templates/haproxy.cfg.j2 @@ -60,7 +60,11 @@ frontend https {% for hostname in hostvars[server]['web_hostname'] | sort %} ## {{ hostname }} configuration acl host_{{ hostname }} req.ssl_sni -i {{ hostname }} - use_backend https_{{ server }} if host_{{ hostname }} +{% if hostname == "btf.mateu.be" %} + acl network_allowed_{{ hostname }} src 88.175.123.77 +{% endif %} + use_backend https_{{ server }} if host_{{ hostname }}{% if hostname == "btf.mateu.be" %} network_allowed_{{ hostname }}{% endif %} + {% endfor %} {% endfor %} diff --git a/roles/nginx/templates/vhosts/btf.mateu.be.conf.j2 b/roles/nginx/templates/vhosts/btf.mateu.be.conf.j2 index e9b0414..9523376 100644 --- a/roles/nginx/templates/vhosts/btf.mateu.be.conf.j2 +++ b/roles/nginx/templates/vhosts/btf.mateu.be.conf.j2 @@ -1,4 +1,4 @@ -{% set allowed_ips=['10.233.212.64/27', '2a01:e0a:9bd:2811::/64', '2a01:e0a:9bd:2810::/64', '2a01:e0a:fc:ebc0::/64', '2a01:cb00:8a0a:b700::/64', '2a01:e0a:d19:ef90::/64', '2001:910:13c8::/48', '2a01:e0a:bde:d350::/64', '2a01:cb00:f55:2d00::/64'] -%} +{% set allowed_ips=['10.233.212.2/32','10.233.212.64/27', '2a01:e0a:9bd:2811::/64', '2a01:e0a:9bd:2810::/64', '2a01:e0a:fc:ebc0::/64', '2a01:cb00:8a0a:b700::/64', '2a01:e0a:d19:ef90::/64', '2001:910:13c8::/48', '2a01:e0a:bde:d350::/64', '2a01:cb00:f55:2d00::/64'] -%} server { {% include './templates/header.conf.j2' %}