From 6fee027d403fd054c1abc70984bd4e25db8e88e9 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Thu, 2 Feb 2017 20:52:55 +0000
Subject: [PATCH] Combine all rules into one

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/kojipkgs/files/kojipkgs.conf | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/roles/kojipkgs/files/kojipkgs.conf b/roles/kojipkgs/files/kojipkgs.conf
index 06d1a56327..7653afe44b 100644
--- a/roles/kojipkgs/files/kojipkgs.conf
+++ b/roles/kojipkgs/files/kojipkgs.conf
@@ -103,20 +103,10 @@ Alias /pub /pub
     Require all granted
 </Directory>
 
+# This IP is sign-bridge01.phx2.fedoraproject.org.
+# It needs to be able to sign openh264 packages.
 RewriteCond %{HTTP:X-Forwarded-For} !10.5.125.71
-RewriteRule ".*/.*openh264.*.x86_64.rpm$" "https://fedoraproject.org/wiki/non-distributable-rpms" [R=302,L]
-RewriteCond %{HTTP:X-Forwarded-For} !10.5.125.71
-RewriteRule ".*/.*openh264.*.armv7hl.rpm$" "https://fedoraproject.org/wiki/non-distributable-rpms" [R=302,L]
-RewriteCond %{HTTP:X-Forwarded-For} !10.5.125.71
-RewriteRule ".*/.*openh264.*.i686.rpm$" "https://fedoraproject.org/wiki/non-distributable-rpms" [R=302,L]
-RewriteCond %{HTTP:X-Forwarded-For} !10.5.125.71
-RewriteRule ".*/.*openh264.*.ppc64.rpm$" "https://fedoraproject.org/wiki/non-distributable-rpms" [R=302,L]
-RewriteCond %{HTTP:X-Forwarded-For} !10.5.125.71
-RewriteRule ".*/.*openh264.*.ppc64le.rpm$" "https://fedoraproject.org/wiki/non-distributable-rpms" [R=302,L]
-RewriteCond %{HTTP:X-Forwarded-For} !10.5.125.71
-RewriteRule ".*/.*openh264.*.aarch64.rpm$" "https://fedoraproject.org/wiki/non-distributable-rpms" [R=302,L]
-RewriteCond %{HTTP:X-Forwarded-For} !10.5.125.71
-RewriteRule ".*/.*openh264.*.s390x.rpm$" "https://fedoraproject.org/wiki/non-distributable-rpms" [R=302,L]
+RewriteRule ".*/.*openh264.*.(x86_64|armv7hl|i686|ppc64|ppc64le|aarch64|s390x).rpm$" "https://fedoraproject.org/wiki/non-distributable-rpms" [R=302,L]
 
 # Set HSTS header via HTTP since it cannot be easily set in squid, which terminates HTTPS
 Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"