anotherhadi/nixy
1
Fork 0
mirror of https://github.com/anotherhadi/nixy.git synced 2026-04-03 19:42:10 +02:00
Code Issues Packages Projects Releases Wiki Activity

hardening nginx conf

Browse Source 
Former-commit-id: 94b9738638
This commit is contained in:
Hadi
2025-04-22 13:48:02 +02:00
parent 8eec546631
commit bbec068d1d
1 changed files with 15 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
server-modules/nginx.nix
View File

@@ -16,12 +16,21 @@
credentialsFile = config.sops.secrets.cloudflare-dns-token.path; credentialsFile = config.sops.secrets.cloudflare-dns-token.path;
}; };
services.nginx.virtualHosts."default" = { services.nginx.virtualHosts = {
default = true; "default" = {
locations."/" = { return = 444; }; default = true;
extraConfig = '' locations."/" = { return = 444; };
server_name _; };
''; "*.hadi.diy" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = { return = 444; };
};
"aaaaaa.hadi.diy" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = { return = 444; };
};
}; };
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];