diff options
author | Pascal Terjan <pterjan@gmail.com> | 2016-02-07 13:18:50 +0100 |
---|---|---|
committer | Olivier Blin <dev@blino.org> | 2016-02-07 13:59:29 +0100 |
commit | d1231434e7aaa67247e031e67536c700dc2cebf1 (patch) | |
tree | 33de870bbe6ba1d15039542a620ffa7051dc2b1a /modules/buildsystem/templates | |
parent | f7598c059717dcec44486be9747af8fe5221f208 (diff) | |
download | puppet-d1231434e7aaa67247e031e67536c700dc2cebf1.tar puppet-d1231434e7aaa67247e031e67536c700dc2cebf1.tar.gz puppet-d1231434e7aaa67247e031e67536c700dc2cebf1.tar.bz2 puppet-d1231434e7aaa67247e031e67536c700dc2cebf1.tar.xz puppet-d1231434e7aaa67247e031e67536c700dc2cebf1.zip |
Switch to Apache 2.4 auth config for repository vhost
Diffstat (limited to 'modules/buildsystem/templates')
-rw-r--r-- | modules/buildsystem/templates/vhost_repository.conf | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/modules/buildsystem/templates/vhost_repository.conf b/modules/buildsystem/templates/vhost_repository.conf index d16cdb63..45ebaf32 100644 --- a/modules/buildsystem/templates/vhost_repository.conf +++ b/modules/buildsystem/templates/vhost_repository.conf @@ -23,7 +23,21 @@ distros = scope.lookupvar('buildsystem::var::distros::distros') <%- distros.keys.sort.each{|distroname| distro = distros[distroname] - allow_from = distro['repo_allow_from'] != nil ? distro['repo_allow_from'] : [ 'all' ] + if distro['repo_allow_from_ips'] != nil || distro['repo_allow_from_domains'] != nil then + access_requires = [ 'all denied' ] + if distro['repo_allow_from_ips'] != nil then + for allow in distro['repo_allow_from_ips'] do + access_requires << 'ip ' + allow + end + end + if distro['repo_allow_from_domains'] != nil then + for allow in distro['repo_allow_from_domains'] do + access_requires << 'host ' + allow + end + end + else + access_requires = [ 'all granted' ] + end %> Alias /bootstrap/<%= distroname %>/ "<%= bootstrap_reporoot %>/<%= distroname %>/" @@ -33,11 +47,10 @@ distros = scope.lookupvar('buildsystem::var::distros::distros') <Directory <%= bootstrap_reporoot %>/<%= distroname %>> Header append Cache-Control "public, must-revalidate" - Order deny,allow <%- - for allow in allow_from do + for req in access_requires do -%> - Allow from <%= allow %> + Require <%= req %> <%- end -%> @@ -46,12 +59,10 @@ distros = scope.lookupvar('buildsystem::var::distros::distros') <Directory <%= mirror_reporoot %>/<%= distroname %>> Header append Cache-Control "public, must-revalidate" - Order deny,allow - Deny from all <%- - for allow in allow_from do + for req in access_requires do -%> - Allow from <%= allow %> + Require <%= req %> <%- end -%> |