containers: move caddy virtual hosts to container files

author: Fuwn <[email protected]> 2024-10-07 21:02:40 -0700
committer: Fuwn <[email protected]> 2024-10-07 21:04:52 -0700
commit: 8ce67ac79ff3db29d0d7eb8745ecee70dc7fbe0a (patch)
tree: ad945bb8d9b0cc4390ee66ef96a72bacf2344da8 /modules/server/virtualisation/containers/september.nix
parent: server: use caddy-tailscale (diff)
download: nixos-config-8ce67ac79ff3db29d0d7eb8745ecee70dc7fbe0a.tar.xz
nixos-config-8ce67ac79ff3db29d0d7eb8745ecee70dc7fbe0a.zip
1 files changed, 17 insertions, 0 deletions
diff --git a/modules/server/virtualisation/containers/september.nix b/modules/server/virtualisation/containers/september.nix
index d48666c..68dbd2b 100644
--- a/modules/server/virtualisation/containers/september.nix
+++ b/modules/server/virtualisation/containers/september.nix
@@ -1,5 +1,22 @@
 { config, ... }:
 {
+  services.caddy.virtualHosts."fuwn.me".extraConfig = ''
+    reverse_proxy localhost:8084
+
+    header Onion-Location http://fuwnme4wbs5x36jjf2usedw2zscozwhazykhyfkjsmudtb7egs3mb7yd.onion{path}
+
+    @blocked {
+      path /proxy/illegaldrugs.net/cgi-bin/news.php*
+      path /proxy/scholasticdiversity.us.to/scriptures/*
+      path /proxy/jsreed5.org/oeis/*
+    }
+    respond @blocked 403
+
+    @no_forwarded_for not header X-Forwarded-For *
+    request_header @no_forwarded_for X-Forwarded-For {remote_host}
+    respond /whoami {header.X-Forwarded-For} 200
+  '';
+
   virtualisation.oci-containers.containers.september = {
     inherit (config.modules.containers) extraOptions;
author	Fuwn <[email protected]>	2024-10-07 21:02:40 -0700
committer	Fuwn <[email protected]>	2024-10-07 21:04:52 -0700
commit	8ce67ac79ff3db29d0d7eb8745ecee70dc7fbe0a (patch)
tree	ad945bb8d9b0cc4390ee66ef96a72bacf2344da8 /modules/server/virtualisation/containers/september.nix
parent	server: use caddy-tailscale (diff)
download	nixos-config-8ce67ac79ff3db29d0d7eb8745ecee70dc7fbe0a.tar.xz nixos-config-8ce67ac79ff3db29d0d7eb8745ecee70dc7fbe0a.zip