From c52c4e9705290f1fcd967b2ad40bb15bc13d2963 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 4 Sep 2019 16:02:07 -0400 Subject: [PATCH] Generalize+explain LAN-side 172.18.96.1/255.255.224.0 --- roles/nextcloud/templates/nextcloud.conf.j2 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/nextcloud/templates/nextcloud.conf.j2 b/roles/nextcloud/templates/nextcloud.conf.j2 index f3f717a63..ef80b4b59 100644 --- a/roles/nextcloud/templates/nextcloud.conf.j2 +++ b/roles/nextcloud/templates/nextcloud.conf.j2 @@ -12,14 +12,15 @@ Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud # PERMIT ACCESS FROM ALL IPv4 ADDRESSES: Require all granted # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY: - #Require ip 127.0.0.1 172.18.96.1/255.255.224.0 192.168 10 + #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10 {% else %} # PERMIT ACCESS FROM ALL IPv4 ADDRESSES: #Require all granted # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY: - Require ip 127.0.0.1 172.18.96.1/255.255.224.0 192.168 10 + Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10 {% endif %} - # AVOID THIS LINE WHICH CAUSES PROBLEMS IN SCHOOLS WITH 192.168.1.x etc: +{# Reminder that {{ lan_ip }}/{{ lan_netmask }} is 172.18.96.1/255.255.224.0 #} + # AVOID THIS LINE AS IT OVERLY RESTRICTS SCHOOLS W/ 192.168.1.x, 10.x.y.z: #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} {{ openvpn_server_virtual_ip }}/255.255.255.0