]> git.openstreetmap.org Git - chef.git/commitdiff
Update ACLs to include equinix IP addresses
authorTom Hughes <tom@compton.nu>
Tue, 17 Dec 2024 11:58:37 +0000 (11:58 +0000)
committerTom Hughes <tom@compton.nu>
Tue, 17 Dec 2024 11:58:37 +0000 (11:58 +0000)
cookbooks/tile/templates/default/apache.erb
roles/backup.rb

index 9652ec8253ba6400ebdfcb5f3c8feba583657b12..767baf3e3c7a13ec3029c4b808d6638aff05ddc1 100644 (file)
 <% @admins.sort.each do |address| -%>
     Require ip <%= address %>
 <% end -%>
-    # OSM Amsterdam IPv4
+    # OSM Amsterdam IPv4 (he.net)
     Require ip 184.104.179.128/27
-    # OSM Amsterdam IPv6
+    # OSM Amsterdam IPv4 (equinix)
+    Require ip 82.199.86.96/27
+    # OSM Amsterdam IPv6 (he.net)
     Require ip 2001:470:1:fa1::/64
-    # OSM Dublin IPv4
+    # OSM Amsterdam IPv6 (equinix)
+    # Require ip
+    # OSM Dublin IPv4 (he.net)
     Require ip 184.104.226.96/27
-    # OSM Dublin IPv6
+    # OSM Dublin IPv4 (equinix)
+    Require ip 87.252.214.96/27
+    # OSM Dublin IPv6 (he.net)
     Require ip 2001:470:1:b3b::/64
+    # OSM Dublin IPv6 (equinix)
+    Require ip 2001:4d78:fe03:1c::/64
     # OSM UCL IPv4
     Require ip 193.60.236.0/24
   </LocationMatch>
index 00c73fd820301427e1b7742d74656e6ff491989e..f60e444c421cfc58279cbdc6f342d7d221276e77 100644 (file)
@@ -16,11 +16,15 @@ default_attributes(
         :hosts_allow => [
           "193.60.236.0/24",                     # ucl external
           "10.0.48.0/20",                        # amsterdam internal
-          "184.104.179.128/27",                  # amsterdam external
-          "2001:470:1:fa1::/64",                 # amsterdam external
+          "184.104.179.128/27",                  # amsterdam external (he.net)
+          "2001:470:1:fa1::/64",                 # amsterdam external (he.net)
+          "82.199.86.96/27",                     # amsterdam external (equinix)
+          # "/64",                                 # amsterdam external (equinix)
           "10.0.64.0/20",                        # dublin internal
-          "184.104.226.96/27",                   # dublin external
-          "2001:470:1:b3b::/64",                 # dublin external
+          "184.104.226.96/27",                   # dublin external (he.net)
+          "2001:470:1:b3b::/64",                 # dublin external (he.net)
+          "87.252.214.96/27",                    # dublin external (equinix)
+          "2001:4d78:fe03:1c::/64",              # dublin external (equinix)
           "10.0.32.0/20",                        # bytemark internal
           "89.16.162.16/28",                     # bytemark external
           "2001:41c9:2:d6::/64",                 # bytemark external
@@ -46,11 +50,15 @@ default_attributes(
         :hosts_allow => [
           "193.60.236.0/24",          # ucl external
           "10.0.48.0/20",             # amsterdam internal
-          "184.104.179.128/27",       # amsterdam external
-          "2001:470:1:fa1::/64",      # amsterdam external
+          "184.104.179.128/27",       # amsterdam external (he.net)
+          "2001:470:1:fa1::/64",      # amsterdam external (he.net)
+          "82.199.86.96/27",          # amsterdam external (equinix)
+          # "/64",                     # amsterdam external (equinix)
           "10.0.64.0/20",             # dublin internal
-          "184.104.226.96/27",        # dublin external
-          "2001:470:1:b3b::/64",      # dublin external
+          "184.104.226.96/27",        # dublin external (he.net)
+          "2001:470:1:b3b::/64",      # dublin external (he.net)
+          "87.252.214.96/27",         # dublin external (equinix)
+          "2001:4d78:fe03:1c::/64",   # dublin external (equinix)
           "10.0.32.0/20",             # bytemark internal
           "89.16.162.16/28",          # bytemark external
           "2001:41c9:2:d6::/64",      # bytemark external