vleeuwenmenno/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add country-based IP blocking for Caddy via Ansible
Some checks failed
Ansible Lint Check / check-ansible (push) Failing after 37s
Details
Nix Format Check / check-format (push) Failing after 1m39s
Details
Python Lint Check / check-python (push) Failing after 23s
Details

Browse Source 
- Introduce generate_country_blocks.py to fetch IP ranges by country
- Update group_vars/servers.yml with country blocking settings
- Add country_block snippet to Caddyfile and apply to all sites
- Create Ansible tasks for automated IP range generation and integration
- Add documentation for configuring and managing country blocking
This commit is contained in:
Menno van Leeuwen
2025-06-15 01:30:42 +02:00
parent 020c32e8fe
commit 0f35a7b9e2
7 changed files with 487 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
config/ansible/group_vars/servers.yml
View File

@@ -1,3 +1,19 @@
---
flatpaks: false
install_ui_apps: false
# Country blocking configuration for Caddy
# List of countries to block by ISO 3166-1 alpha-2 country codes
# Common examples: CN (China), RU (Russia), KP (North Korea), IR (Iran), BY (Belarus)
blocked_countries_codes:
- CN # China
- RU # Russia
- KP # North Korea
- IR # Iran
# IP ranges for blocked countries (generated automatically)
# This will be populated by the country blocking script
blocked_countries: []
# Enable/disable country blocking globally
enable_country_blocking: true