From 43a1b5bb5840e9838ca0f59f35a960d1bfe00592 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <ynerant@crans.org>
Date: Fri, 12 Mar 2021 11:26:13 +0100
Subject: [PATCH] [moinmoin] Fix subnets for ENS and Aurore

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
---
 roles/moinmoin/templates/moin/mywiki.py.j2 | 32 +++++++++++++++-------
 1 file changed, 22 insertions(+), 10 deletions(-)

diff --git a/roles/moinmoin/templates/moin/mywiki.py.j2 b/roles/moinmoin/templates/moin/mywiki.py.j2
index 397430b9..26d556bc 100644
--- a/roles/moinmoin/templates/moin/mywiki.py.j2
+++ b/roles/moinmoin/templates/moin/mywiki.py.j2
@@ -152,17 +152,17 @@ class Config(FarmConfig):
         ),
         ip_range.IpRange(
             local_nets=[
-                '185.230.76.0/22',  # ENS
-                '185.230.79.0/23',  # test pour zamok
-                '10.53.0.0/16',
-                '10.54.0.0/16',
-                '2a0c:700:0::/40',
-                '45.66.108.0/22', # IPv4 Aurore
-                '2a09:6840::/29'  # IPv6 Aurore
+                '185.230.76.0/22', # IPv4 Crans
+                '172.16.0.0/16',   # IPv4 local
+                '100.64.0.0/10',   # IPv4 adherents
+                '2a0c:700::/32',   # IPv6 Crans
+                '138.231.0.0/16',  # IPv4 ENS
+                '45.66.108.0/22',  # IPv4 Aurore
+                '2a09:6840::/32',  # IPv6 Aurore
             ],
             actions=['newaccount'],
             actions_msg={'newaccount':"La cr&eacute;ation de comptes n'est autoris&eacute;e que depuis le r&eacute;seau du Cr@ns ou sur zamok."},
-        ), 
+        ),
         categorie_public.PublicCategories(pub_cats=[u'Cat\xe9goriePagePublique']), # Avec trusted à False, les acl de Known s'appliquent
 {% endif %}
     ]
@@ -170,9 +170,21 @@ class Config(FarmConfig):
     # Force text editor as CKEditor is broken
     editor_force = True
 
-    def ip_autorised_create_account(self,ip):
+    def ip_autorised_create_account(self, ip):
 {% if moinmoin.main %}
-        return ip.startswith('185.230.76.') or ip.startswith('185.230.77.') or ip.startswith('185.230.78.') or ip.startswith('185.230.79.') or ip.startswith('10.') or ip.startswith('2a0c:700:0:')
+        return ip.startswith('185.230.76.') \
+                or ip.startswith('185.230.77.') \
+                or ip.startswith('185.230.78.') \
+                or ip.startswith('185.230.79.') \
+                or ip.startswith('172.16.') \
+                or ip.startswith('100.64.') \
+                or ip.startwith('138.231.') \
+                or ip.startwith('45.66.108.') \
+                or ip.startwith('45.66.109.') \
+                or ip.startwith('45.66.110.') \
+                or ip.startwith('45.66.111.') \
+                or ip.startswith('2a0c:700:') \
+                or ip.startswith('2a09:6840:')
 {% else %}
         return False
 {% endif %}
-- 
GitLab