[Git][ftp-team/dak][master] 2 commits: config/debian-security: update apache2.conf

Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Git][ftp-team/dak][master] 2 commits: config/debian-security: update apache2.conf

Ansgar Burchardt-8
GitLab

Ansgar Burchardt pushed to branch master at Debian FTP Team / dak

Commits:

  • 5e460931
    by Ansgar Burchardt at 2018-08-04T12:51:40Z
    config/debian-security: update apache2.conf
    
  • 286522d2
    by Ansgar Burchardt at 2018-08-04T12:53:18Z
    config/debian-security/apache2.conf: allow access from ftp-master.d.o
    

1 changed file:

Changes:

  • config/debian-security/apache.conf
    ... ... @@ -8,38 +8,16 @@ BrowserMatch EmailSiphon spammer
    8 8
       ServerAdmin team@security.debian.org
    
    9 9
     
    
    10 10
       DocumentRoot /srv/security-master.debian.org/htdocs-security-master
    
    11
    +  <Directory /srv/security-master.debian.org/htdocs-security-master>
    
    12
    +    Require all granted
    
    13
    +  </Directory>
    
    11 14
     
    
    12 15
       ErrorLog /var/log/apache2/security-master.debian.org-error.log
    
    13 16
       CustomLog /var/log/apache2/security-master.debian.org-access.log combined
    
    14 17
       LogLevel warn
    
    15 18
     
    
    16
    -  Alias /debian-security /srv/security.debian.org/archive/debian-security/
    
    17
    -  Alias /debian-security-buildd /srv/security-master.debian.org/buildd/debian-security-buildd/
    
    18
    -  Alias /buildd/ /srv/security-master.debian.org/buildd/
    
    19
    -
    
    20
    -  <LocationMatch "^/(buildd|buildd-squeeze|buildd-wheezy|debian-security|debian-security-buildd)/">
    
    21
    -    order deny,allow
    
    22
    -    deny from all
    
    23
    -
    
    24
    -    Use DebianBuilddHostList
    
    25
    -
    
    26
    -    # spohr.debian.org - not in list of buildds generated by puppet
    
    27
    -    allow from 192.25.206.33
    
    28
    -
    
    29
    -    # whitelisted for Joerg Jaspert
    
    30
    -    allow from 78.46.40.15
    
    31
    -    allow from 2001:4dd0:ff00:df::2
    
    32
    -    allow from 213.146.108.162
    
    33
    -    allow from 2a01:198:5d0:0:21c:c0ff:fead:e3a3
    
    34
    -
    
    35
    -    AuthName "security.debian.org"
    
    36
    -    AuthType Basic
    
    37
    -    AuthUserFile /srv/security-master.debian.org/apache.htpasswd
    
    38
    -    require valid-user
    
    39
    -
    
    40
    -    # either valid IP address or valid user are sufficient
    
    41
    -    satisfy any
    
    42
    -  </LocationMatch>
    
    19
    +  RewriteEngine on
    
    20
    +  RewriteRule ^/$      https://www.debian.org/security/
    
    43 21
     </Macro>
    
    44 22
     
    
    45 23
     <VirtualHost *:80>
    
    ... ... @@ -51,5 +29,28 @@ BrowserMatch EmailSiphon spammer
    51 29
       Use SecurityMasterConfiguration
    
    52 30
       Use common-debian-service-ssl security-master.debian.org
    
    53 31
       Use common-ssl-HSTS
    
    32
    +  Use http-pkp-security-master.debian.org
    
    33
    +
    
    34
    +  Alias /debian-security /srv/security.debian.org/archive/debian-security/
    
    35
    +  Alias /debian-security-buildd /srv/security-master.debian.org/buildd/debian-security-buildd/
    
    36
    +
    
    37
    +  <LocationMatch "^/(debian-security|debian-security-buildd)/">
    
    38
    +    Use DebianBuilddHostList
    
    39
    +
    
    40
    +    # ftp-master.d.o; for code-signing service
    
    41
    +    Require ip 138.16.160.17
    
    42
    +
    
    43
    +    # whitelisted for Joerg Jaspert
    
    44
    +    Require ip 78.46.40.15
    
    45
    +    Require ip 2001:4dd0:ff00:df::2
    
    46
    +    Require ip 213.146.108.162
    
    47
    +    Require ip 2a01:198:5d0:0:21c:c0ff:fead:e3a3
    
    48
    +
    
    49
    +#    AuthName "security.debian.org"
    
    50
    +#    AuthType Basic
    
    51
    +#    AuthUserFile /srv/security-master.debian.org/apache.htpasswd
    
    52
    +#    Require valid-user
    
    53
    +
    
    54
    +  </LocationMatch>
    
    54 55
     </VirtualHost>
    
    55 56