vleeuwenmenno/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added bypass for local and server access to caddy proxy services
Some checks failed
Ansible Lint Check / check-ansible (push) Failing after 33s
Details
Nix Format Check / check-format (push) Failing after 1m35s
Details
Python Lint Check / check-python (push) Failing after 21s
Details

Browse Source
This commit is contained in:
Menno van Leeuwen
2025-06-16 00:18:49 +00:00
parent 247aa2d733
commit f2dbcb25fe
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
config/ansible/tasks/servers/services/caddy/Caddyfile.j2
View File

@@ -8,7 +8,11 @@
# Country blocking snippet using MaxMind GeoLocation - reusable across all sites
{% if enable_country_blocking | default(false) and allowed_countries_codes | default([]) | length > 0 %}
(country_block) {
@allowed_local {
remote_ip 127.0.0.1 ::1 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 157.180.41.167 2a01:4f9:c013:1a13::1
}
@not_allowed_countries {
not remote_ip 127.0.0.1 ::1 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 157.180.41.167 2a01:4f9:c013:1a13::1
not {
maxmind_geolocation {
db_path "/etc/caddy/geoip/GeoLite2-Country.mmdb"