Verified Commit 016d1860 authored by Florian Pritz's avatar Florian Pritz
Browse files

dbscripts: Support rsync.archlinux.org via HTTPS



This also adds location / {} blocks to make the letsencrypt include
work.

Signed-off-by: Florian Pritz's avatarFlorian Pritz <bluewind@xinu.at>
parent 4eaf2d85
...@@ -12,41 +12,43 @@ server { ...@@ -12,41 +12,43 @@ server {
allow all; allow all;
} }
# Server at velocitynet location / {
allow 66.211.214.130; # dom0.archlinux.org. # Server at velocitynet
allow 66.211.214.131; # gudrun.archlinux.org. allow 66.211.214.130; # dom0.archlinux.org.
allow 66.211.214.132; # gerolde.archlinux.org. allow 66.211.214.131; # gudrun.archlinux.org.
allow 2001:470:1f10:717::2/128; # gerolde's tunnel IP allow 66.211.214.132; # gerolde.archlinux.org.
allow 2001:470:1f10:717::2/128; # gerolde's tunnel IP
# Thomas' home # Thomas' home
#allow 87.193.186.180; # port-87-193-186-180.static.qsc.de. #allow 87.193.186.180; # port-87-193-186-180.static.qsc.de.
allow 2001:1a80:3026::/48; allow 2001:1a80:3026::/48;
# orion.archlinux.org # orion.archlinux.org
allow 88.198.91.70; allow 88.198.91.70;
allow 2a01:4f8:160:6087::1; allow 2a01:4f8:160:6087::1;
# brynhild.archlinux.org # brynhild.archlinux.org
allow 176.9.18.112; allow 176.9.18.112;
allow 2a01:4f8:150:1261::2; allow 2a01:4f8:150:1261::2;
# alberich.archlinux.org # alberich.archlinux.org
allow 216.151.172.98; allow 216.151.172.98;
# allison.archlinux.de # allison.archlinux.de
allow 144.76.107.12; allow 144.76.107.12;
allow 2a01:4f8:192:520b::2; allow 2a01:4f8:192:520b::2;
auth_basic "Restricted"; auth_basic "Restricted";
auth_basic_user_file auth/dbscripts.htpasswd; auth_basic_user_file auth/dbscripts.htpasswd;
autoindex on; autoindex on;
}
} }
server { server {
listen 443 ssl http2; listen 443 ssl http2;
listen [::]:443 ssl http2; listen [::]:443 ssl http2;
server_name {{ repos_domain }}; server_name {{ repos_domain }} {{repos_rsync_domain}};
root /srv/ftp; root /srv/ftp;
{% if certfile.stat.exists %} {% if certfile.stat.exists %}
...@@ -61,33 +63,35 @@ server { ...@@ -61,33 +63,35 @@ server {
allow all; allow all;
} }
# Server at velocitynet location / {
allow 66.211.214.130; # dom0.archlinux.org. # Server at velocitynet
allow 66.211.214.131; # gudrun.archlinux.org. allow 66.211.214.130; # dom0.archlinux.org.
allow 66.211.214.132; # gerolde.archlinux.org. allow 66.211.214.131; # gudrun.archlinux.org.
allow 2001:470:1f10:717::2/128; # gerolde's tunnel IP allow 66.211.214.132; # gerolde.archlinux.org.
allow 2001:470:1f10:717::2/128; # gerolde's tunnel IP
# Thomas' home # Thomas' home
#allow 87.193.186.180; # port-87-193-186-180.static.qsc.de. #allow 87.193.186.180; # port-87-193-186-180.static.qsc.de.
allow 2001:1a80:3026::/48; allow 2001:1a80:3026::/48;
# orion.archlinux.org # orion.archlinux.org
allow 88.198.91.70; allow 88.198.91.70;
allow 2a01:4f8:160:6087::1; allow 2a01:4f8:160:6087::1;
# brynhild.archlinux.org # brynhild.archlinux.org
allow 176.9.18.112; allow 176.9.18.112;
allow 2a01:4f8:150:1261::2; allow 2a01:4f8:150:1261::2;
# alberich.archlinux.org # alberich.archlinux.org
allow 216.151.172.98; allow 216.151.172.98;
# allison.archlinux.de # allison.archlinux.de
allow 144.76.107.12; allow 144.76.107.12;
allow 2a01:4f8:192:520b::2; allow 2a01:4f8:192:520b::2;
auth_basic "Restricted"; auth_basic "Restricted";
auth_basic_user_file auth/dbscripts.htpasswd; auth_basic_user_file auth/dbscripts.htpasswd;
autoindex on; autoindex on;
}
} }
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment