Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Docker client wants to check /v2/.... Allow /v2/ from outside but not internally

Browse source 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
This commit is contained in:
Patrick Uiterwijk 2018-06-12 23:21:07 +02:00
parent ae57973eee
commit b2f08b8b00
1 changed files with 9 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
roles/httpd/reverseproxy/templates/reversepassproxy.candidate-registry.conf
View file

@ -27,7 +27,15 @@ ProxyPassReverse {{ localpath }} {{ proxyurl }}{{remotepath}}
AuthName "Candidate Registry Authentication" AuthName "Candidate Registry Authentication"
AuthType Basic AuthType Basic
AuthUserFile /etc/httpd/conf.d/candidate-registry.fedoraproject.org/passwd AuthUserFile /etc/httpd/conf.d/candidate-registry.fedoraproject.org/passwd
<RequireAny>
Require valid-user Require valid-user
<RequireAll>
Require not ip 10.5
# This require is because otherwise apache thinks the Require not ip is useless
Require method GET
</RequireAll>
</RequireAny>
</Location> </Location>
# But we allow random pulling by anyone without auth # But we allow random pulling by anyone without auth