spk-spar-checker - production: add own IPs to admin_ip_range and by that allow access...

author Thomas Dalichow <thomas.dalichow@publicispixelpark.de>

Tue, 26 Sep 2017 16:43:18 +0000 (18:43 +0200)

committer Thomas Dalichow <thomas.dalichow@publicispixelpark.de>

Tue, 26 Sep 2017 16:43:18 +0000 (18:43 +0200)
author Thomas Dalichow <thomas.dalichow@publicispixelpark.de>
Tue, 26 Sep 2017 16:43:18 +0000 (18:43 +0200)
committer Thomas Dalichow <thomas.dalichow@publicispixelpark.de>
Tue, 26 Sep 2017 16:43:18 +0000 (18:43 +0200)
diff --git a/customer/spk-spar-checker/production.yaml b/customer/spk-spar-checker/production.yaml

index 0ecd8539c8ef89f16d38c7bbd062180d68c331ea..f53278c30132d867f3952e17c0c863e89343d0e2 100644 (file)
--- a/customer/spk-spar-checker/production.yaml
+++ b/customer/spk-spar-checker/production.yaml
@@ -51,6 +51,7 @@ infra::profile::apache::pp_vhosts:
        - 'HTTPS on X-Forwarded-Proto=https'
        - 'HTTPS on HTTPS=on'
        - 'X-Forwarded-For ^80.146.239.2 admin_ip_range'
+      - 'X-Forwarded-For 192.168.15.1[67] admin_ip_range'
      error_documents:
        - { error_code: 401 , document: "/401.html" }
        - { error_code: 403 , document: "/403.html" }
@@ -71,7 +72,11 @@ infra::profile::apache::pp_vhosts:
          auth_digest_provider: file
          auth_digest_algorithm: MD5
          auth_user_file: '/etc/httpd/htdigest'
-        auth_require: 'valid-user'
+        require:
+          enforce: any
+          requires:
+            - 'valid-user'
+            - 'env admin_ip_range'
  #      - provider: location
  #        path: '/api'
        - provider: location
author	Thomas Dalichow <thomas.dalichow@publicispixelpark.de>
	Tue, 26 Sep 2017 16:43:18 +0000 (18:43 +0200)
committer	Thomas Dalichow <thomas.dalichow@publicispixelpark.de>
	Tue, 26 Sep 2017 16:43:18 +0000 (18:43 +0200)