From b5427b39b468a13addb4639d4c55ab28ec7639de Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robin=20Fran=C3=A7ois?= <r.francois@docuteam.ch>
Date: Wed, 25 Sep 2024 14:51:19 +0200
Subject: [PATCH] Removing wildcard in the ansible role. Wildcards will have to
 be added when defining the variables

---
 README.md                           | 2 +-
 molecule/reverse-proxy/converge.yml | 2 +-
 templates/Caddyfile.j2              | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index e255c24..002e2f3 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ If you only want to install Caddy, you don't need to set any variables. If you w
 
 * `additional_forwarding_ports`: Allows to define a list with additional ports where Caddy should listen for this domain and forward to HTTPS.
 * `allowlist`: An array of IP addresses in CIDR-notation which are allowed to access this site (Optional). All other visitors receive a 404 error.
-* `useragent_blocklist`: An array of User-Agents which are blocked to access this site (Optional).
+* `useragent_blocklist`: An array of User-Agents which are blocked to access this site (Optional), wildcard characters (*) need to be used for broader matching.
 * `certificate_file`: You can set this variable if you want to provide the certificate by yourself (Optional). The certificate needs permissions `0640`, with root as Owner and Caddy as Group.
 * `certificate_key`: You can set this variable if you want to provide the certificate by yourself (Optional).
 * `domain`: The domain caddy should listen to.
diff --git a/molecule/reverse-proxy/converge.yml b/molecule/reverse-proxy/converge.yml
index 372fa5f..cb70736 100644
--- a/molecule/reverse-proxy/converge.yml
+++ b/molecule/reverse-proxy/converge.yml
@@ -21,7 +21,7 @@
         allowlist:
           - 8.8.8.8/32
         useragent_blocklist:
-          - amazonbot
+          - "*amazonbot*"
         additional_forwarding_ports:
           - '8080'
           - '1337'
diff --git a/templates/Caddyfile.j2 b/templates/Caddyfile.j2
index ba36b12..351b6b1 100644
--- a/templates/Caddyfile.j2
+++ b/templates/Caddyfile.j2
@@ -8,7 +8,7 @@
   {%- if site.useragent_blocklist is defined %}
   @badbots {
     {%- for ua in site.useragent_blocklist %}
-    header User-Agent *{{ ua }}*
+    header User-Agent {{ ua }}
     {%- endfor %}
   }