From 805a900f8ad5dbb73151a5b5f0dc02bca4ec2ece Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Sun, 14 Jul 2024 15:45:36 -0500 Subject: [PATCH] gw1/squid: Allow Invoice Ninja to Stripe API HLC uses Invoice Ninja Stripe integration to process credit card payments from parents. --- host_vars/gw1.pyrocufflink.blue/squid.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/host_vars/gw1.pyrocufflink.blue/squid.yml b/host_vars/gw1.pyrocufflink.blue/squid.yml index 4231c21..1f6882b 100644 --- a/host_vars/gw1.pyrocufflink.blue/squid.yml +++ b/host_vars/gw1.pyrocufflink.blue/squid.yml @@ -7,6 +7,8 @@ squid_acl: - 'src fe80::/10 # RFC 4291 link-local (directly plugged) machines' trusted: - src 172.30.0.0/26 + kubernetes: + - src 172.30.0.160/28 SSL_ports: - port 443 Safe_ports: @@ -32,6 +34,8 @@ squid_acl: - dstdomain fonts.gstatic.com grafana_rpm: - dstdomain rpm.grafana.com + stripe_api: + - dstdomain api.stripe.com squid_http_access: - 'deny !Safe_ports' @@ -45,6 +49,7 @@ squid_http_access: - allow google_fonts - allow trusted kickstart - allow trusted dch_repo +- allow kubernetes stripe_api - deny all squid_cache_dir: