Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

How do I add additional location blocks for a container/url?#2604

AnsweredbySchoNie
beechfuzz asked this question inQ&A
Discussion options

Specifically, for my Vaultwarden container, I want to restrict access to the/admin directory so that only LAN users (172.16.0.0/12) can access it while still allowing unfettered access to the/ directory. I would like to be able to add anadditional location block, similar to this:

location /admin {    # Restrict access to only some IP (LAN IP & VPN)    allow 172.16.0.0/12;    deny all;}
You must be logged in to vote

You don't needVIRTUAL_PATHs indeed. Sorry thePer-VIRTUAL_HOST settings is what you need.

For example, if you have a virtual host named app.example.com, you could provide a custom configuration for that host as follows:

create your virtual host config file:

# content of the app.example.com filelocation /admin {    # Restrict access to only some IP (LAN IP & VPN)    allow 172.16.0.0/12;    deny all;}

mount it to/etc/nginx/vhost.d/app.example.com
Check the Docker Compose File example in the linked documentation how to mount this file in your container.
This will automatically include your config with /admin location as an additional location block.

Replies: 1 comment 3 replies

Comment options

That is in the docs:Per-VIRTUAL_PATH location configuration

You must be logged in to vote
3 replies
@beechfuzz
Comment options

How manyVIRTUAL_PATHs can I specify for a container? Based onthis, it appears as though theVIRTUAL_PATH variable overwrites the default value of/ instead of adding to it, or am I reading it wrong?

For my one, single container, I want the/ path to be unrestricted while the/admin path is restricted to LAN traffic only. So my one, single container should havetwolocation blocks -- one for/ and one for/admin that blocks non-LAN traffic.

@SchoNie
Comment options

You don't needVIRTUAL_PATHs indeed. Sorry thePer-VIRTUAL_HOST settings is what you need.

For example, if you have a virtual host named app.example.com, you could provide a custom configuration for that host as follows:

create your virtual host config file:

# content of the app.example.com filelocation /admin {    # Restrict access to only some IP (LAN IP & VPN)    allow 172.16.0.0/12;    deny all;}

mount it to/etc/nginx/vhost.d/app.example.com
Check the Docker Compose File example in the linked documentation how to mount this file in your container.
This will automatically include your config with /admin location as an additional location block.

Answer selected bybuchdag
@oussjarrousse
Comment options

I am interested in the same question. Did you come up with a good solution@beechfuzz ?
I am trying to make it as generic as possible so that I can use it in many places.
Thank you!

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Category
Q&A
Labels
None yet
3 participants
@beechfuzz@oussjarrousse@SchoNie
[8]ページ先頭
©2009-2025 Movatter.jp