Context: we are using `NGINX_ENABLE_SSL` variable to have the encrypted connection between ELB and AppServer, but this [adds](https://github.com/edx/configuration/blob/574cb0e396bcd8403b86a6000f8b573c81d4f5cd/playbooks/roles/edx_django_service/templates/edx/app/nginx/sites-available/app.j2#L13) IP disclosure handling, which returns `403` on attempt of reaching the server via its IP address. As it's [not possible](https://forums.aws.amazon.com/thread.jspa?messageID=423533) to specify the Host header for the health check, we should be able to set a variable that alters this behavior.
This adds a new variable called `NGINX_ALLOW_PRIVATE_IP_ACCESS`, which allows to disable handling the IP disclosure within private subnetworks.
Breakdown of the used regexp ([source](https://stackoverflow.com/a/33453740)):
`(\d+)(?<!10)` is used for the `10.0.0.0 – 10.255.255.255` range,
`\.(\d+)(?<!192\.168)(?<!172\.(1[6-9]|2\d|3[0-1]))` handles `172.16.0.0 - 172.31.255.255 ` and `192.168.0.0 – 192.168.255.255` ranges.
`\.(\d+)\.(\d+)` matches the remaining two octets.
*JIRA tickets*: TBD
*Merge deadline*: "None"
[x] @lgp171188 (approved in open-craft/configuration/pull/126)
[ ] edX reviewer[s] TBD
Configuration Pull Request
Make sure that the following steps are done before merging:
[ ] A DevOps team member has approved the PR if it is code shared across multiple services and you don't own all of the services.
[ ] <s>Are you adding any new default values that need to be overridden when this change goes live? If so:
[ ] Update the appropriate internal repo (be sure to update for all our environments)
[ ] If you are updating a secure value rather than an internal one, file a DEVOPS ticket with details.
[ ] Add an entry to the CHANGELOG.
[ ] If you are making a complicated change, have you performed the proper testing specified on the [Ops Ansible Testing Checklist](https://openedx.atlassian.net/wiki/display/EdxOps/Ops+Ansible+Testing+Checklist)? Adding a new variable does not require the full list (although testing on a sandbox is a great idea to ensure it links with your downstream code changes).</s>
[ ] Think about how this change will affect Open edX operators. Have you updated the wiki page for the next Open edX release?