erwin/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Wiki Activity Actions

keycloak: Fix IP filter for admin interface

Browse source
This commit is contained in:
Erwin Boskma 2023-10-23 08:09:38 +02:00
parent 00caf20b11
commit 9be4946bb7
Signed by: erwin
SSH key fingerprint: SHA256:3F6Cm6I3erRqlBwEghZWAQl6eS5WrGTX1Vs/Evec1lQ
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
modules/keycloak/default.nix
View file

@ -26,10 +26,9 @@ in
virtualHosts = {
"${config.services.keycloak.settings.hostname}" = {
serverAliases = [ "heimdall.barn-beaver.ts.net" ];
extraConfig = ''
@public_or_allowed_remote {
expression path('/realms/*', '/resources/*', '/js/*', '/robots.txt') || remote_ip('10.64.0.0/10', '86.85.243.40/32', '2a02:a441:c959:1::/64')
expression path('/realms/*', '/resources/*', '/js/*', '/robots.txt') || remote_ip('86.85.243.40/32', '2a02:a441:c959:1::/64', '100.64.0.0/10', 'fd7a:115c:a1e0:ab12:4843:cd96:6240:0000/106')
}
route {