haproxy-manager-base

cloud-hosting-platform/haproxy-manager-base

Fork 0

Commit Graph

Author	SHA1	Message	Date
Josh Knapp	1ff51da6f0	sanitize public mirror: drop personal IP and infra/customer hostnames All checks were successful Build and push coraza-spoa / Build-and-Push (push) Successful in 1m49s Details HAProxy Manager Build and Push / Build-and-Push (push) Successful in 1m55s Details - trusted_ips.{list,map}: replace home IP with 127.0.0.1 + usage notes - skill: resolve deploy host from gitignored target-host.local, ask if unset (no hardcoded server FQDN); customer host in WAF test -> <live-vhost> - README / coraza README: registry FQDN in run examples -> placeholder - 403 block page: drop hardcoded support link -> contact provider support - CLAUDE.md: note whitelist files ship without real IPs - .gitignore: ignore target-host.local and *.local Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-04 06:32:15 -07:00
Josh Knapp	58bb5b4f18	Fix: remove comments from trusted IP files breaking HAProxy startup Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-31 14:19:29 -07:00
Josh Knapp	978f173814	Add trusted IP whitelist for rate limit bypass Adds trusted_ips.list and trusted_ips.map files that exempt specific IPs from all rate limiting rules. Supports both direct source IP matching (is_trusted_ip) and proxy-header real IP matching (is_whitelisted). Files are baked into the image and can be updated by editing and rebuilding. Adds phone system IP 172.116.197.166 to the whitelist. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-31 13:39:41 -07:00

Author

SHA1

Message

Date

Josh Knapp

1ff51da6f0

sanitize public mirror: drop personal IP and infra/customer hostnames

Build and push coraza-spoa / Build-and-Push (push) Successful in 1m49s

Details

HAProxy Manager Build and Push / Build-and-Push (push) Successful in 1m55s

Details

- trusted_ips.{list,map}: replace home IP with 127.0.0.1 + usage notes
- skill: resolve deploy host from gitignored target-host.local, ask if unset
  (no hardcoded server FQDN); customer host in WAF test -> <live-vhost>
- README / coraza README: registry FQDN in run examples -> placeholder
- 403 block page: drop hardcoded support link -> contact provider support
- CLAUDE.md: note whitelist files ship without real IPs
- .gitignore: ignore target-host.local and *.local

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-04 06:32:15 -07:00

Josh Knapp

58bb5b4f18

Fix: remove comments from trusted IP files breaking HAProxy startup

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-31 14:19:29 -07:00

Josh Knapp

978f173814

Add trusted IP whitelist for rate limit bypass

Adds trusted_ips.list and trusted_ips.map files that exempt specific
IPs from all rate limiting rules. Supports both direct source IP
matching (is_trusted_ip) and proxy-header real IP matching
(is_whitelisted). Files are baked into the image and can be updated
by editing and rebuilding.

Adds phone system IP 172.116.197.166 to the whitelist.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-31 13:39:41 -07:00

3 Commits