Versions Compared

Old Version 4

changes.mady.by.user Steve Weber

Saved on

compared with

New Version 5

changes.mady.by.user Steve Weber

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
geo $is_local_uw_ip {
    default no;
    127.0.0.0/8 yes;
    10.0.0.0/8 yes;
    172.16.0.0/12 yes;
    192.168.0.0/16 yes;
    129.97.0.0/16 yes;
}
server {
    ...
    location / {
        if ($is_local_uw_ip = no) {
            return 307 https://checkvpn.uwaterloo.ca/?callback=https://{{vars.server_name}}$request_uri;
            # NOTE: nginx does not have a good way to encode_url for the callback
            # SO: A request like .. ?callback=https://me.com/?x=1&y=2
            # will drop y=2 from the callback!
        }
    }
}

CADDY

In caddy (v2+) Caddy you can define a importable “block” in your CaddyFile to re-use in other parts of your configuration. The following creates a re-usable directive called “block“redirect_off_external”campus”, then uses it in a site configuration:

Code Block
(blockredirect_off_externalcampus) {
    @external not remote_ip \
    127.0.0.0/8 \
    10.0.0.0/8 \
    172.16.0.0/12 \
    192.168.0.0/16 \
    129.97.0.0/16 \
    2620:101:F000::/47 \
    2620:101:f000:700::/56 \
    fd74:6b6a:8eca:504::/64
    redir @external https://checkvpn.uwaterloo.ca/?callback={scheme}://{host}{uri} 307
}

cool-service.uwaterloo.ca {
    import blockredirect_off_externalcampus
    reverse_proxy localhost:8000
}

...