Skip to content

Commit 5637d9f

Browse files
hellblazer315hellblazer315
authored
Update dashboard.subdomain.conf.sample
Changed from explicit IP ranges to using an included config file. Recommend this shouldn't be merged upstream unless linuxserver/docker-swag#520 is as well. Signed-off-by: hellblazer315 <[email protected]>
1 parent 6f74c4c commit 5637d9f

File tree

1 file changed

+8
-16
lines changed

1 file changed

+8
-16
lines changed

root/dashboard/dashboard.subdomain.conf.sample

Lines changed: 8 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -34,10 +34,8 @@ server {
3434
# enable for Authentik (requires authentik-server.conf in the server block)
3535
#include /config/nginx/authentik-location.conf;
3636

37-
allow 10.0.0.0/8;
38-
allow 172.16.0.0/12;
39-
allow 192.168.0.0/16;
40-
deny all;
37+
# Only permit access from internal IP Addresses
38+
include /config/nginx/internal.conf
4139

4240
try_files $uri $uri/ /index.php$is_args$args =404;
4341
}
@@ -56,10 +54,8 @@ server {
5654
# enable for Authentik (requires authentik-server.conf in the server block)
5755
#include /config/nginx/authentik-location.conf;
5856

59-
allow 10.0.0.0/8;
60-
allow 172.16.0.0/12;
61-
allow 192.168.0.0/16;
62-
deny all;
57+
# Only permit access from internal IP Addresses
58+
include /config/nginx/internal.conf
6359

6460
fastcgi_split_path_info ^(.+\.php)(.*)$;
6561
fastcgi_pass 127.0.0.1:9000;
@@ -104,10 +100,8 @@ server {
104100
# enable for Authentik (requires authentik-server.conf in the server block)
105101
#include /config/nginx/authentik-location.conf;
106102

107-
allow 10.0.0.0/8;
108-
allow 172.16.0.0/12;
109-
allow 192.168.0.0/16;
110-
deny all;
103+
# Only permit access from internal IP Addresses
104+
include /config/nginx/internal.conf
111105

112106
try_files $uri $uri/ /index.php$is_args$args =404;
113107
}
@@ -126,10 +120,8 @@ server {
126120
# enable for Authentik (requires authentik-server.conf in the server block)
127121
#include /config/nginx/authentik-location.conf;
128122

129-
allow 10.0.0.0/8;
130-
allow 172.16.0.0/12;
131-
allow 192.168.0.0/16;
132-
deny all;
123+
# Only permit access from internal IP Addresses
124+
include /config/nginx/internal.conf
133125

134126
fastcgi_split_path_info ^(.+\.php)(.*)$;
135127
fastcgi_pass 127.0.0.1:9000;

0 commit comments

Comments
 (0)