From e541958dd68d1c67ae172e6562606cc2f0ca0b80 Mon Sep 17 00:00:00 2001 From: Julien Cristau Date: Fri, 23 Feb 2018 16:06:26 +0100 Subject: [PATCH] Revert "Make security -> security-cdn redirect global, not just for the linux package" I need to update the mirror health check to account for this. This reverts commit d8b6b760a99f36fc6bf6088b8e998c1d67d46ab6. --- .../templates/security_mirror/security.debian.org.erb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/modules/roles/templates/security_mirror/security.debian.org.erb b/modules/roles/templates/security_mirror/security.debian.org.erb index 52e7950b9..3d79591dd 100644 --- a/modules/roles/templates/security_mirror/security.debian.org.erb +++ b/modules/roles/templates/security_mirror/security.debian.org.erb @@ -44,7 +44,13 @@ <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%> RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>" <% end %> - RewriteRule ^/(.*) http://security-cdn.debian.org/$1 [L,R=302] + RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302] + RewriteCond %{HTTP:Fastly-Client-IP} !. [NV] + RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront" + <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%> + RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>" + <% end %> + RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302] CustomLog /var/log/apache2/security.debian.org-access.log privacy ServerSignature On -- 2.20.1