Skip to content
GitLab
Explore
Sign in
Register
Commits on Source (4)
config/debian-security: update apache2.conf
· 5e460931
Ansgar
authored
Aug 04, 2018
5e460931
config/debian-security/apache2.conf: allow access from ftp-master.d.o
· 286522d2
Ansgar
authored
Aug 04, 2018
286522d2
config/debian/dak.conf: add johns@d.o as keyring maintainer (Closes: #907861)
· 3cf9c7fd
Ansgar
authored
Sep 05, 2018
3cf9c7fd
Merge branch 'master' into deploy
· caaa06eb
Ansgar
authored
Sep 05, 2018
caaa06eb
Show whitespace changes
Inline
Side-by-side
config/debian-security/apache.conf
View file @
caaa06eb
...
...
@@ -8,38 +8,16 @@ BrowserMatch EmailSiphon spammer
ServerAdmin
team
@
security
.
debian
.
org
DocumentRoot
/
srv
/
security
-
master
.
debian
.
org
/
htdocs
-
security
-
master
<
Directory
/
srv
/
security
-
master
.
debian
.
org
/
htdocs
-
security
-
master
>
Require
all
granted
</
Directory
>
ErrorLog
/
var
/
log
/
apache2
/
security
-
master
.
debian
.
org
-
error
.
log
CustomLog
/
var
/
log
/
apache2
/
security
-
master
.
debian
.
org
-
access
.
log
combined
LogLevel
warn
Alias
/
debian
-
security
/
srv
/
security
.
debian
.
org
/
archive
/
debian
-
security
/
Alias
/
debian
-
security
-
buildd
/
srv
/
security
-
master
.
debian
.
org
/
buildd
/
debian
-
security
-
buildd
/
Alias
/
buildd
/ /
srv
/
security
-
master
.
debian
.
org
/
buildd
/
<
LocationMatch
"^/(buildd|buildd-squeeze|buildd-wheezy|debian-security|debian-security-buildd)/"
>
order
deny
,
allow
deny
from
all
Use
DebianBuilddHostList
# spohr.debian.org - not in list of buildds generated by puppet
allow
from
192
.
25
.
206
.
33
# whitelisted for Joerg Jaspert
allow
from
78
.
46
.
40
.
15
allow
from
2001
:
4
dd0
:
ff00
:
df
::
2
allow
from
213
.
146
.
108
.
162
allow
from
2
a01
:
198
:
5
d0
:
0
:
21
c
:
c0ff
:
fead
:
e3a3
AuthName
"security.debian.org"
AuthType
Basic
AuthUserFile
/
srv
/
security
-
master
.
debian
.
org
/
apache
.
htpasswd
require
valid
-
user
# either valid IP address or valid user are sufficient
satisfy
any
</
LocationMatch
>
RewriteEngine
on
RewriteRule
^/$
https
://
www
.
debian
.
org
/
security
/
</
Macro
>
<
VirtualHost
*:
80
>
...
...
@@ -51,5 +29,28 @@ BrowserMatch EmailSiphon spammer
Use
SecurityMasterConfiguration
Use
common
-
debian
-
service
-
ssl
security
-
master
.
debian
.
org
Use
common
-
ssl
-
HSTS
Use
http
-
pkp
-
security
-
master
.
debian
.
org
Alias
/
debian
-
security
/
srv
/
security
.
debian
.
org
/
archive
/
debian
-
security
/
Alias
/
debian
-
security
-
buildd
/
srv
/
security
-
master
.
debian
.
org
/
buildd
/
debian
-
security
-
buildd
/
<
LocationMatch
"^/(debian-security|debian-security-buildd)/"
>
Use
DebianBuilddHostList
# ftp-master.d.o; for code-signing service
Require
ip
138
.
16
.
160
.
17
# whitelisted for Joerg Jaspert
Require
ip
78
.
46
.
40
.
15
Require
ip
2001
:
4
dd0
:
ff00
:
df
::
2
Require
ip
213
.
146
.
108
.
162
Require
ip
2
a01
:
198
:
5
d0
:
0
:
21
c
:
c0ff
:
fead
:
e3a3
# AuthName "security.debian.org"
# AuthType Basic
# AuthUserFile /srv/security-master.debian.org/apache.htpasswd
# Require valid-user
</
LocationMatch
>
</
VirtualHost
>
config/debian/dak.conf
View file @
caaa06eb
...
...
@@ -301,6 +301,7 @@ Command::DM {
Command
::
DM
-
Admin
{
AdminFingerprints
{
"AB41C1C68AFD668CA045EBF8673A03E4C1DB921F"
; //
gwolf
"A4626CBAFF376039D2D7554497BA9CE761A0963B"
; //
johns
"0E3A94C3E83002DAB88CCA1694FA372B2DA8B985"
; //
noodles
"80E976F14A508A48E9CA3FE9BC372252CA1CF964"
; //
ansgar
...
...
