Skip to content

Commit

Permalink
FEATURE: Add possibility to restrict access to certain client address
Browse files Browse the repository at this point in the history
  • Loading branch information
higidi committed Jan 4, 2023
1 parent d24a1b6 commit bcf68e5
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 0 deletions.
3 changes: 3 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,9 @@ nginx_revproxy_sites: # List of sites to
ssl: false # Set to True if you want to redirect http to https
letsencrypt: false # Set to True if you want to use letsencrypt
conn_upgrade: true # Set the Connection upgrade header values
acls: # Limit access to certain client addresses (values can be address, CIDR, unix or all)
- { mode: allow, value: 192.168.0.1 }
- { mode: deny, value: all }

example.org: # Domain name
domains: # List of server_name aliases
Expand Down
5 changes: 5 additions & 0 deletions templates/reverseproxy.conf.j2
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,11 @@ server {
server_name {{ item.value.domains | join(' ') }};

location / {
{% for acl in item.value.acls | default({}) %}
{% if acl.mode == 'allow' or acl.mode == 'deny' %}
{{ acl.mode | default('deny') }} {{ acl.value }};
{% endif %}
{% endfor %}
gzip off;
client_max_body_size {{ item.value.client_max_body_size | default('50M') }};
proxy_read_timeout {{ item.value.proxy_read_timeout | default('300') }};
Expand Down
5 changes: 5 additions & 0 deletions templates/reverseproxy_ssl.conf.j2
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,11 @@ server {
}

location / {
{% for acl in item.value.acls | default({}) %}
{% if acl.mode == 'allow' or acl.mode == 'deny' %}
{{ acl.mode | default('deny') }} {{ acl.value }};
{% endif %}
{% endfor %}
gzip off;
proxy_set_header X-Forwarded-Ssl on;
client_max_body_size {{ item.value.client_max_body_size | default('50M') }};
Expand Down

0 comments on commit bcf68e5

Please sign in to comment.