mirror of
https://github.com/aarmea/fahrengit-451.git
synced 2026-03-22 08:58:15 +00:00
08d61b7ac7
Change written by Claude Code: ❯ Consider the geofencing rules defined at <config/geo_rules.yml> and consumed by <geoblock_watcher/watcher.py>. Make it so that you can pass in an HTML file response instead of a short plain text body. For this exercise, you may assume that the entire contents of the HTML (HTML, CSS, JS, image resources) will be included inline in the file. You may have to modify the <docker-compose.yml> to provide a new (read-only) bind-mount for these files.
52 lines
2.5 KiB
Text
52 lines
2.5 KiB
Text
# geo_rules.yml
|
|
# ─────────────────────────────────────────────────────────────────────────────
|
|
# Define geo-blocking rules per repository.
|
|
#
|
|
# Each entry targets a Forgejo repository identified by its URL path
|
|
# (/<owner>/<repo>). When a request for that repo (or any sub-path, e.g.
|
|
# /<owner>/<repo>.git or /<owner>/<repo>/raw/…) arrives from a blocked
|
|
# locale, nginx returns the configured HTTP status and body.
|
|
#
|
|
# Locale format:
|
|
# Country only : "US" (ISO 3166-1 alpha-2)
|
|
# Country+State : "US-CA" (ISO 3166-2, country + subdivision code)
|
|
#
|
|
# You can mix country-level and state-level rules in the same repo block.
|
|
# More-specific rules (state) take precedence over less-specific ones (country)
|
|
# because the watcher renders them first in the nginx map block.
|
|
#
|
|
# status: Any valid HTTP status code. 451 ("Unavailable For Legal Reasons")
|
|
# is the semantically correct choice for legal/jurisdiction blocks.
|
|
# body : Plain-text response body. Keep it short — it is embedded directly
|
|
# in the nginx config as a string literal.
|
|
# body_file : Path to a self-contained HTML file (relative to config/geoblock_pages/)
|
|
# served as the response body instead of a plain-text string. The
|
|
# file must be self-contained (all CSS, JS, and image resources
|
|
# inlined) because it is served directly by nginx.
|
|
# Use either body or body_file — not both — for a given rule.
|
|
# ─────────────────────────────────────────────────────────────────────────────
|
|
|
|
repos:
|
|
|
|
- path: /alice/secret-project
|
|
rules:
|
|
- locales: ["US-CA", "US-TX"]
|
|
status: 451
|
|
body: "This repository is unavailable in your jurisdiction."
|
|
- locales: ["DE", "FR"]
|
|
status: 403
|
|
body: "Access to this repository is restricted in your country."
|
|
|
|
- path: /alice/another-repo
|
|
rules:
|
|
- locales: ["CN", "RU"]
|
|
status: 403
|
|
body: "Access denied."
|
|
|
|
# Template — copy and fill in for each additional repo:
|
|
# - path: /owner/repo-name
|
|
# rules:
|
|
# - locales: ["XX", "XX-YY"]
|
|
# status: 403
|
|
# body: "Access restricted."
|
|
# # body_file: blocked.html # OR: HTML file in config/geoblock_pages/
|