Salut Aleks,
J’ai supprimé le dossier /etc/yunohost/hooks.d
avant de faire un regen-conf, puis j’ai rétabli les hooks.
Il semble que ça soit un hook de tri geoip qui pose soucis (my bad, je l’avais oublié, hook basé sur Tuto: Bloquer les requêtes selon le pays ) :
nginx:
applied:
/etc/nginx/conf.d/country.conf:
diff: @@ -0,0 +1,17 @@
+# GeoIP databases
+geoip_country /usr/share/GeoIP/GeoIP.dat;
+
+map $geoip_country_code $allowed_country {
+ default no;
+ # France
+ FR yes;
+ CH yes;
+ # Italie
+ #IT yes;
+}
+
+geo $lan-ip {
+ default no;
+ xxx.xxx.xxx.0/24 yes;
+ 127.0.0.1 yes;
+}
status: created
/etc/nginx/conf.d/security.conf.inc:
diff: @@ -36,4 +36,26 @@
# Disable gzip to protect against BREACH
# Read https://trac.nginx.org/nginx/ticket/1720 (text/html cannot be disabled!)
-gzip off;+gzip off;
+
+# allow local ip
+if ($lan-ip = yes) {
+ set $allowed_country yes;
+}
+# block the country
+#if ($allowed_country = no) {
+# return 444;
+#}
+
+#blocage sur certaines url uniquement
+location ~* /(sso) {
+ if ($allowed_country = no) {
+ return 444;
+ }
+}
+
+
+
+#Gestion des robots
+add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive, noimageindex, notranslate";
+
status: updated
pending:
Et effectivement j’ai alors ce type de lignes dans les logs :
2025/03/01 19:19:08 [error] 2631208#2631208: *10 open() "/usr/share/nginx/html/yunohost/sso/assets/njfUa8RF.js" failed (2: No such file or directory), client: xxx.xxx.xxx.xxx, server: serveur.noho.st, request: "GET /yunohost/sso/assets/njfUa8RF.js HTTP/2.0", host: "serveur.noho.st", referrer: "https://serveur.noho.st/yunohost/sso/?r=aHR0cHM6Ly9jaGF0b24ubm9oby5zdC8="
2025/03/01 19:19:08 [error] 2631208#2631208: *10 open() "/usr/share/nginx/html/yunohost/sso/assets/C6Vd-mzK.js" failed (2: No such file or directory), client: xxx.xxx.xxx.xxx, server: serveur.noho.st, request: "GET /yunohost/sso/assets/C6Vd-mzK.js HTTP/2.0", host: "serveur.noho.st", referrer: "https://serveur.noho.st/yunohost/sso/?r=aHR0cHM6Ly9jaGF0b24ubm9oby5zdC8="
2025/03/01 19:19:19 [error] 2631208#2631208: *10 open() "/usr/share/nginx/html/yunohost/sso/applogos/dbaa0699e4c2817dafab3c884bfc273bc8b75fd8c11fb8f40828173aa8015181.png" failed (2: No such file or directory), client: xxx.xxx.xxx.xxx, server: serveur.noho.st, request: "GET /yunohost/sso/applogos/dbaa0699e4c2817dafab3c884bfc273bc8b75fd8c11fb8f40828173aa8015181.png HTTP/2.0", host: "serveur.noho.st", referrer: "https://serveur.noho.st/yunohost/sso/"
2025/03/01 19:19:19 [error] 2631208#2631208: *10 open() "/usr/share/nginx/html/yunohost/sso/applogos/b6096cee04f755063881d4e156013417af07a6aac93b06ce87229c0690486f57.png" failed (2: No such file or directory), client: xxx.xxx.xxx.xxx, server: serveur.noho.st, request: "GET /yunohost/sso/applogos/b6096cee04f755063881d4e156013417af07a6aac93b06ce87229c0690486f57.png HTTP/2.0", host: "serveur.noho.st", referrer: "https://serveur.noho.st/yunohost/sso/"
2025/03/01 19:19:19 [error] 2631208#2631208: *10 open() "/usr/share/nginx/html/yunohost/sso/applogos/2f8bb76e13974d50a77c6bbd95f4b963e4c9c0ee63cc4ad4fd01e0f17dd84cc3.png" failed (2: No such file or directory), client: xxx.xxx.xxx.xxx, server: serveur.noho.st, request: "GET /yunohost/sso/applogos/2f8bb76e13974d50a77c6bbd95f4b963e4c9c0ee63cc4ad4fd01e0f17dd84cc3.png HTTP/2.0", host: "serveur.noho.st", referrer: "https://serveur.noho.st/yunohost/sso/"
2025/03/01 19:19:19 [error] 2631208#2631208: *10 open() "/usr/share/nginx/html/yunohost/sso/applogos/952f3e47af4f4fabab9773d55b78edc2dc9b5c1cfe656c0b62a295e9f78493d7.png" failed (2: No such file or directory), client: xxx.xxx.xxx.xxx, server: serveur.noho.st, request: "GET /yunohost/sso/applogos/952f3e47af4f4fabab9773d55b78edc2dc9b5c1cfe656c0b62a295e9f78493d7.png HTTP/2.0", host: "serveur.noho.st", referrer: "https://serveur.noho.st/yunohost/sso/"
2025/03/01 19:19:19 [error] 2631208#2631208: *10 open() "/usr/share/nginx/html/yunohost/sso/assets/CC--juWV.js" failed (2: No such file or directory), client: xxx.xxx.xxx.xxx, server: serveur.noho.st, request: "GET /yunohost/sso/assets/CC--juWV.js HTTP/2.0", host: "serveur.noho.st", referrer: "https://serveur.noho.st/yunohost/sso/"
2025/03/01 19:19:21 [error] 2631209#2631209: *94 open() "/usr/share/nginx/html/yunohost/sso/assets/DFvAvYwi.js" failed (2: No such file or directory), client: xxx.xxx.xxx.xxx, server: serveur.noho.st, request: "GET /yunohost/sso/assets/DFvAvYwi.js HTTP/2.0", host: "serveur.noho.st", referrer: "https://serveur.noho.st/yunohost/sso/"
J’en déduis que l’IP du serveur est bannie, et qu’il faudrait la whitelister dans mon hook.
=> Sur quelle serveur yunohost va-t-il chercher ces fameux “applogos” ?