Switch to Apache 2.4 auth config for repository vhost

1 files changed, 19 insertions, 8 deletions

diff --git a/modules/buildsystem/templates/vhost_repository.conf b/modules/buildsystem/templates/vhost_repository.conf
index d16cdb63..45ebaf32 100644
--- a/modules/buildsystem/templates/vhost_repository.conf
+++ b/modules/buildsystem/templates/vhost_repository.conf
@@ -23,7 +23,21 @@ distros = scope.lookupvar('buildsystem::var::distros::distros')
 <%-
     distros.keys.sort.each{|distroname| 
 	distro = distros[distroname]
-	allow_from = distro['repo_allow_from'] != nil ? distro['repo_allow_from'] : [ 'all' ]
+	if distro['repo_allow_from_ips'] != nil || distro['repo_allow_from_domains'] != nil then
+	    access_requires = [ 'all denied' ]
+	    if distro['repo_allow_from_ips'] != nil then
+		for allow in distro['repo_allow_from_ips'] do
+		    access_requires << 'ip ' + allow
+		end
+	    end
+	    if distro['repo_allow_from_domains'] != nil then
+		for allow in distro['repo_allow_from_domains'] do
+		    access_requires << 'host ' + allow
+		end
+	    end
+	else
+	    access_requires = [ 'all granted' ]
+	end
 %>
 	Alias /bootstrap/<%= distroname %>/ "<%= bootstrap_reporoot %>/<%= distroname %>/"
 
@@ -33,11 +47,10 @@ distros = scope.lookupvar('buildsystem::var::distros::distros')
 
 	<Directory  <%= bootstrap_reporoot %>/<%= distroname %>>
           Header append Cache-Control "public, must-revalidate"
-          Order deny,allow
 <%-
-        for allow in allow_from do
+        for req in access_requires do
 -%>
-          Allow from <%= allow %>
+          Require <%= req %>
 <%-
         end
 -%>
@@ -46,12 +59,10 @@ distros = scope.lookupvar('buildsystem::var::distros::distros')
 
 	<Directory  <%= mirror_reporoot %>/<%= distroname %>>
           Header append Cache-Control "public, must-revalidate"
-          Order deny,allow
-          Deny from all
 <%-
-	for allow in allow_from do
+	for req in access_requires do
 -%>
-          Allow from <%= allow %>
+          Require <%= req %>
 <%-
         end
 -%>