diff options
Diffstat (limited to 'ansible/host_vars')
| -rw-r--r-- | ansible/host_vars/lovelace/nginx.yml | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ansible/host_vars/lovelace/nginx.yml b/ansible/host_vars/lovelace/nginx.yml index be10ebc..2179c2c 100644 --- a/ansible/host_vars/lovelace/nginx.yml +++ b/ansible/host_vars/lovelace/nginx.yml @@ -13,6 +13,14 @@ nginx_configs: ssl_verify_client on; location / { + if ($reject) { return 403; } + proxy_pass http://localhost:9090; } } + + map $ssl_client_s_dn $reject { + default 1; + CN=sudo.access.tls.pydis.wtf 0; + CN=prometheus.access.tls.pydis.wtf 0; + } |