From 873f862963684c5dab599d5b9ef1659c31210236 Mon Sep 17 00:00:00 2001 From: Clark Boylan Date: Tue, 11 Mar 2025 16:03:41 -0700 Subject: [PATCH] Drop public port 3000 access for Gitea The web bot crawlers have discovered port 3000 and have brought gitea09 to its knees. Block port 3000 access and force traffic through the proxies which help moderate things better. Change-Id: I16f55a7ebb222466b8823cfee7c4ac8c628ff5b1 --- inventory/service/group_vars/gitea.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/inventory/service/group_vars/gitea.yaml b/inventory/service/group_vars/gitea.yaml index 0dfc08d394..06705a7068 100644 --- a/inventory/service/group_vars/gitea.yaml +++ b/inventory/service/group_vars/gitea.yaml @@ -6,6 +6,5 @@ gitea_gerrit_public_key_A: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCIEIT8l3h/BoIzK gitea_gerrit_public_key_B: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCIEIT8l3h/BoIzKl7iDCui+7LB5KAzSW0EPGJxzk6/LREVo6riwY5J1aj9tLvC003ejICYKH7v7x/YICuOPwAOvC1R3LLDGSPMavwfCPUCtXeDe1heYsg1ngxkvd7ipNSHVF2chapgb+FwUqqgcnxD/2jf7HWw06/fdr9ahlNhA2HrZeZlyeo7F57Mj+C2Aq6nOCpvaZXqZ7LIcREd3EleB7+gDihD8qM0VPbxZuQrHMPumxa/l0aysmMz7RPmvzpTnFy5AYR/fcbJ/NFKjITxlUHWWBgJgKI5vrodJjRdPM5uylq+7xOkhvyZNHEYqrhBeylLXQG9JPoBpGBraKHonT2IdeBlFTi4ONypaicH9/Rdm7xCppC3rfLZwEexZgOYaoMlnC2eCJAVs1CDc7Jm91XckS15zhNdBBPV1vCpWCPrPwHSjk6JkDv8bh0zNd6IaRZxc1Bsu7bpKIKlD/ZINm9pdtrGaquEFQLpdEu4obYpqIkfDnTuBUMeOZDtyNUhtvVIo+re3orwTOFiNycB/+Z2kZiH/C82atSTh1LJrsfMeME0eKUuFyEzD+Kf2WZ8XvShx6zMMYiq6GibAQ2szz0rLESIblWEJEtZ7dT9zfoV0zyykTn6rsBBCMcXvuTeXpd3h7wz1Aj3WytIDdISCwOJutxQV1onVxx7lYii6w== gerrit@gitea.opendev.org-20231130 iptables_extra_public_tcp_ports: - 222 - - 3000 - 3080 - 3081 # see above; reverse proxy