Block CN/HK Redmine Git access
    
    Whilst we already implement wide blocking of cloud providers, lots of
    seemingly non-human traffic is still found to cause load on Redmine/Unicorn,
    impacting legitimate users. As it is not feasible to constantly update
    the cloud provider blocklists, and often also not sufficient when connections
    originate from ISPs which give a residential appearance (which we do not add
    to the wide blocklists due to not wanting to inhibit potential legitimate users
    on the same ISP from reaching our services), implement blocking of what
    are currently the most offending country codes on the currently most affected path.
    
    The rules can later easily be used for other services / endpoints if needed.
    
    As part of this change, relax the Redmine request rate limit, as the country based block
    is deemed to relax the service well enough.
    
    Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>