From d20aced53b712336a1ec216d38ecf6f79c0f9626 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sat, 27 Jan 2024 16:08:57 +0200
Subject: [PATCH] Router: Revert the IP restriction on HTTP.

It breaks the Let's Encrypt renewal workflow.
---
 Ansible/roles/router/files/haproxy.cfg | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/Ansible/roles/router/files/haproxy.cfg b/Ansible/roles/router/files/haproxy.cfg
index 94830ff..1b6a0f6 100644
--- a/Ansible/roles/router/files/haproxy.cfg
+++ b/Ansible/roles/router/files/haproxy.cfg
@@ -27,16 +27,6 @@ frontend http
         acl kodi hdr(host) -i kodi.shore.co.il
         acl kodi hdr(host) -i library.shore.co.il
         acl kodi hdr(host) -i transmission.shore.co.il
-        acl lam hdr(host) -i lam.shore.co.il
-        acl auth hdr(host) -i auth.shore.co.il
-        acl private_ip src 127.0.0.1/8
-        acl private_ip src 10.0.0.0/8
-        acl private_ip src 192.168.0.0/16
-        acl private_ip src 172.16.0.0/12
-        acl shore_ip src 62.219.131.121
-        acl shore_ip src 163.172.74.36
-        http-request deny if lam !private_ip
-        http-request deny if auth !shore_ip !private_ip
         use_backend kodi_http if kodi
         default_backend host01_http
 
-- 
GitLab