Verified Commit 0cc404c0 authored by Giancarlo Razzolini's avatar Giancarlo Razzolini
Browse files

roles/archweb: Define an allowed hosts var

Created a new variable called archweb_allowed_hosts that allows ipxe.archlinux.org
to be served under archweb. We make sure on the nginx template that only a small subset
of the locations is served with weaker ciphers.
parent b7eccef1
......@@ -9,6 +9,7 @@ archweb_domains_redirects:
'packages.archlinux.org': '/packages$request_uri'
archweb_domains_templates:
'ipxe.archlinux.org': 'ipxe.archlinux.org.j2'
archweb_allowed_hosts: ["{{ archweb_domain }}", 'ipxe.archlinux.org']
archweb_nginx_conf: '/etc/nginx/nginx.d/archweb.conf'
archweb_repository: 'https://github.com/archlinux/archweb.git'
archweb_version: release_2019-12-18
......
......@@ -67,7 +67,7 @@ SECRET_KEY = '{{ vault_archweb_secret_key }}'
MAILMAN_PASSWORD = '{{ vault_archweb_mailman_password }}'
# Hostnames we allow this site to be served under
ALLOWED_HOSTS = ['{{ archweb_domain }}']
ALLOWED_HOSTS = [{% for host in archweb_allowed_hosts %}'{{ host }}', {% endfor -%}]
## CDN settings
CDN_ENABLED = False
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment