Update HAPRoxy blocked IPs
This commit is contained in:
parent
381a975ce7
commit
bac894811a
1 changed files with 2 additions and 2 deletions
|
@ -52,7 +52,7 @@
|
||||||
|
|
||||||
environment.systemPackages = [ pkgs.cacert ];
|
environment.systemPackages = [ pkgs.cacert ];
|
||||||
|
|
||||||
environment.etc."haproxy/blocked-ips" = ''
|
environment.etc."haproxy-blocked-ips" = ''
|
||||||
# https://openai.com/searchbot.json
|
# https://openai.com/searchbot.json
|
||||||
20.42.10.176/28
|
20.42.10.176/28
|
||||||
172.203.190.128/28
|
172.203.190.128/28
|
||||||
|
@ -326,7 +326,7 @@
|
||||||
bind :80
|
bind :80
|
||||||
bind :443 ssl crt /Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/combined.pem
|
bind :443 ssl crt /Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/combined.pem
|
||||||
|
|
||||||
acl is-blocked-ip src -f /etc/haproxy/blocked-ips
|
acl is-blocked-ip src -f /etc/haproxy-blocked-ips
|
||||||
http-request deny if is-blocked-ip
|
http-request deny if is-blocked-ip
|
||||||
|
|
||||||
http-request redirect scheme https unless { ssl_fc }
|
http-request redirect scheme https unless { ssl_fc }
|
||||||
|
|
Loading…
Reference in a new issue