Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to ignore allow_list for a certain route #17

Merged
merged 4 commits into from
Jan 12, 2024
Merged

Add option to ignore allow_list for a certain route #17

merged 4 commits into from
Jan 12, 2024

Conversation

tomcbe
Copy link
Collaborator

@tomcbe tomcbe commented Jan 11, 2024

There are cases where most of the routes should only be allowed for the IP addresses defined in allowlist, but certain routes should be available publicly.

@tomcbe
Copy link
Collaborator Author

tomcbe commented Jan 11, 2024

Sorry, I just realised the template is not yet working. I'll give an update, once I fixed the issues and the PR is actually ready for a review.

@tomcbe tomcbe marked this pull request as draft January 11, 2024 14:45
tomcbe added 2 commits January 11, 2024 16:03
@tomcbe
Add optional variable public to routes to ignore site.allowlist
23cc5ea 
There are cases where most of the routes should only be allowed for
the IP addresses defined in `allowlist`, but certain routes should be
available publicly.
@tomcbe
Fix minor indentation issues
3798334
@tomcbe tomcbe force-pushed the add-option-to-not-apply-allowlist-to-a-route branch from 522a8e2 to 3798334 Compare January 11, 2024 15:18
@tomcbe tomcbe marked this pull request as ready for review January 11, 2024 15:30
@tomcbe
Copy link
Collaborator Author

tomcbe commented Jan 11, 2024

Would now be ready for a review.

andyundso
andyundso suggested changes Jan 12, 2024
View reviewed changes
Copy link
Contributor

@andyundso andyundso left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would appreciate if you can extend the reverse-proxy Molecule testing scenario. I imagine:

  • in molecule/reverse-proxy/converge.yml, add an additional entry to caddy_sites like mixed.example.com, one route will use an allowlist and the other one will be public.
  • Run molecule create && molecule converge
  • Copy the generated Caddyfile from the Molecule container (using molecule login, the Caddyfile is at /etc/caddy/Caddyfile) to molecule/reverse-proxy/files/Caddyfile.expected.

@tomcbe
Copy link
Collaborator Author

tomcbe commented Jan 12, 2024

I would appreciate if you can extend the reverse-proxy Molecule testing scenario. I imagine:

Sure, I'll do that.

@tomcbe
Copy link
Collaborator Author

tomcbe commented Jan 12, 2024

As just discussed on slack: I'll change the name of the new variable to ignore_allow_list as suggested by @docuteam-kun.

@tomcbe tomcbe changed the title Add optional variable public to routes to ignore site.allowlist Add option to ignore allow_list for a certain route Jan 12, 2024
andyundso
andyundso approved these changes Jan 12, 2024
View reviewed changes
Copy link
Contributor

@andyundso andyundso left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

perfect, thank you very much!

@andyundso andyundso merged commit 3b9f928 into simplificator:master Jan 12, 2024
13 checks passed
@tomcbe tomcbe deleted the add-option-to-not-apply-allowlist-to-a-route branch January 12, 2024 21:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andyundso andyundso andyundso approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tomcbe @andyundso