projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
010-security.debian.org.conf: explicitly bind to localhost
[mirror/dsa-puppet.git]
/
modules
/
roles
/
templates
/
security_mirror
/
security.debian.org.erb
diff --git
a/modules/roles/templates/security_mirror/security.debian.org.erb
b/modules/roles/templates/security_mirror/security.debian.org.erb
index
52e7950
..
9177327
100644
(file)
--- a/
modules/roles/templates/security_mirror/security.debian.org.erb
+++ b/
modules/roles/templates/security_mirror/security.debian.org.erb
@@
-3,7
+3,7
@@
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##
-<VirtualHost *:80>
+<VirtualHost *:80
127.0.0.1:80 [::1]:80
>
ServerAdmin debian-admin@debian.org
DocumentRoot /srv/mirrors/debian-security
ServerPath /debian-security
ServerAdmin debian-admin@debian.org
DocumentRoot /srv/mirrors/debian-security
ServerPath /debian-security
@@
-41,12
+41,16
@@
RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
+ RewriteCond %{HTTP_USER_AGENT} "!check_http"
+ RewriteCond %{HTTP_USER_AGENT} "!dsa-check-mirrorsync"
+ RewriteCond %{HTTP_USER_AGENT} "!mirror-health"
<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
<% end %>
<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
<% end %>
+ RewriteCond %{REQUEST_URI} "!=/_health"
RewriteRule ^/(.*) http://security-cdn.debian.org/$1 [L,R=302]
RewriteRule ^/(.*) http://security-cdn.debian.org/$1 [L,R=302]
- CustomLog /var/log/apache2/security.debian.org-access.log
privacy
+ CustomLog /var/log/apache2/security.debian.org-access.log
combined
ServerSignature On
</VirtualHost>
ServerSignature On
</VirtualHost>