From d9747c64b038943253eaafdc59a49d5face46dab Mon Sep 17 00:00:00 2001 From: Fuwn Date: Fri, 20 Sep 2024 05:36:20 -0700 Subject: modules: server and core modules --- modules/server/networking/caddy.nix | 28 ++++++++++++++++++++++++++++ modules/server/networking/default.nix | 14 ++++++++++++++ 2 files changed, 42 insertions(+) create mode 100644 modules/server/networking/caddy.nix create mode 100644 modules/server/networking/default.nix (limited to 'modules/server/networking') diff --git a/modules/server/networking/caddy.nix b/modules/server/networking/caddy.nix new file mode 100644 index 0000000..aae8fb7 --- /dev/null +++ b/modules/server/networking/caddy.nix @@ -0,0 +1,28 @@ +{ + services.caddy = { + enable = true; + + virtualHosts = { + "mayu.due.moe".extraConfig = "reverse_proxy localhost:8098"; + "counter.due.moe".extraConfig = "reverse_proxy localhost:8098"; + "bin.fuwn.me".extraConfig = "reverse_proxy localhost:8090"; + + "fuwn.me".extraConfig = '' + reverse_proxy localhost:8084 + + header Onion-Location http://fuwnme4wbs5x36jjf2usedw2zscozwhazykhyfkjsmudtb7egs3mb7yd.onion{path} + + @blocked { + path /proxy/illegaldrugs.net/cgi-bin/news.php* + path /proxy/scholasticdiversity.us.to/scriptures/* + path /proxy/jsreed5.org/oeis/* + } + respond @blocked 403 + + @no_forwarded_for not header X-Forwarded-For * + request_header @no_forwarded_for X-Forwarded-For {remote_host} + respond /whoami {header.X-Forwarded-For} 200 + ''; + }; + }; +} diff --git a/modules/server/networking/default.nix b/modules/server/networking/default.nix new file mode 100644 index 0000000..c71b072 --- /dev/null +++ b/modules/server/networking/default.nix @@ -0,0 +1,14 @@ +{ + imports = [ ./caddy.nix ]; + services.openssh.enable = true; + + networking = { + hostName = "himeji"; + domain = ""; + + firewall.allowedTCPPorts = [ + 80 + 443 + ]; + }; +} -- cgit v1.2.3