c3d2/nix-config
c3d2
/
nix-config
24
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity
nix-config/lib/nginx.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

43 lines
780 B
Nix
Raw Normal View History

Add missing filte
2023-04-11 23:53:53 +02:00
_:
{
defaultListen = let
listen = [
Enable proxyProtocol not together with old proxy method
2024-03-14 18:41:02 +01:00
{
addr = "[::]";
port = 80;
}
{
addr = "[::]";
port = 443;
ssl = true;
}
Add missing filte
2023-04-11 23:53:53 +02:00
{
addr = "[::]";
Fix ldap listen, proxy protocol ports
2023-11-07 23:10:26 +01:00
port = 8080;
Add missing filte
2023-04-11 23:53:53 +02:00
extraParameters = [ "proxy_protocol" ];
}
{
addr = "[::]";
Fix ldap listen, proxy protocol ports
2023-11-07 23:10:26 +01:00
port = 8443;
Add missing filte
2023-04-11 23:53:53 +02:00
ssl = true;
extraParameters = [ "proxy_protocol" ];
}
];
in
map (x: (x // { addr = "0.0.0.0"; })) listen ++ listen;
Move nginx allow only hq network to lib
2023-05-25 22:17:51 +02:00
hqNetworkOnly = ''
satisfy any;
allow 2a00:8180:2c00:200::/56;
allow 2a0f:5382:acab:1400::/56;
allow fd23:42:c3d2:500::/56;
allow 30c:c3d2:b946:76d0::/64;
allow ::1/128;
allow 172.22.99.0/24;
allow 172.20.72.0/21;
allow 127.0.0.0/8;
deny all;
'';
Add missing filte
2023-04-11 23:53:53 +02:00
}