anotherhadi/nixy
1
Fork 0
mirror of https://github.com/anotherhadi/nixy.git synced 2026-04-02 11:12:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

hardening nginx conf

Browse Source 
Former-commit-id: 94b9738638
This commit is contained in:
Hadi
2025-04-22 13:48:02 +02:00
parent 8eec546631
commit bbec068d1d
1 changed files with 15 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
server-modules/nginx.nix
View File

@@ -16,12 +16,21 @@
credentialsFile = config.sops.secrets.cloudflare-dns-token.path;
};
services.nginx.virtualHosts."default" = {
default = true;
locations."/" = { return = 444; };
extraConfig = ''
server_name _;
'';
services.nginx.virtualHosts = {
"default" = {
default = true;
locations."/" = { return = 444; };
};
"*.hadi.diy" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = { return = 444; };
};
"aaaaaa.hadi.diy" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = { return = 444; };
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];