From 098028cdac22b74e5e52e9a1833e41d25f0a0f45 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 4 Sep 2019 14:29:50 -0400 Subject: [PATCH] New var nextcloud_allow_public_ips --- roles/nextcloud/templates/nextcloud.conf.j2 | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/roles/nextcloud/templates/nextcloud.conf.j2 b/roles/nextcloud/templates/nextcloud.conf.j2 index a2bd40edc..0ab229424 100644 --- a/roles/nextcloud/templates/nextcloud.conf.j2 +++ b/roles/nextcloud/templates/nextcloud.conf.j2 @@ -8,10 +8,13 @@ Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud # Apache 2.4 # http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html Require host localhost +{% if nextcloud_allow_public_ips %} # PERMIT ACCESS FROM ALL IPv4 ADDRESSES: Require all granted - # WANT BASIC SECURITY BASED ON IPv4 ADDRESSES? THEN USE THIS LINE INSTEAD: - #Require ip 127.0.0.1 172.18.96.1/255.255.224.0 192.168 10 +{% else %} + # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY: + Require ip 127.0.0.1 172.18.96.1/255.255.224.0 192.168 10 +{% endif %} # AVOID THIS LINE WHICH CAUSES PROBLEMS IN SCHOOLS WITH 192.168.1.x etc: #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} {{ openvpn_server_virtual_ip }}/255.255.255.0