allow token as URL parameter from (new IP address of) git.debian.org only

1 files changed, 4 insertions, 3 deletions

diff --git a/etc/apache2/sites-available/jenkins.debian.net b/etc/apache2/sites-available/jenkins.debian.net
index a456432d..40ab7c19 100644
--- a/etc/apache2/sites-available/jenkins.debian.net
+++ b/etc/apache2/sites-available/jenkins.debian.net
@@ -79,10 +79,11 @@ NameVirtualHost *:443
 
 	# allow certain params only from alioth (token is used to trigger builds)
 	RewriteEngine on
-	RewriteCond %{REMOTE_ADDR} !217\.196\.43\.140
-	# git.d.o is really vasks.d.o, so just allowing this trigger from any debian host should be fine. Anyone can run curl on alioth anyway
+	RewriteCond %{REMOTE_ADDR} !5\.153\.231\.21
+	# git.d.o is really moszumanska.d.o
+	# FIXME: REMOTE_HOST surely must work somehow? Anyone can run curl on alioth anyway, so just allowing this trigger from any debian host should be fine, I just couldnt make this work: (so its disabled instead...)
+	# Until then etc/cron.daily/jenkins checks for changes in the IP address... which is a hack hack hack :)
 	#RewriteCond %{REMOTE_HOST} !.*.debian.org
-	# FIXME: REMOTE_HOST surely must work somehow? Also see etc/cron.daily/jenkins
 	RewriteCond %{QUERY_STRING} token
 	RewriteRule ^ - [F]