Evie Litherland-Smith
a853475779
Move (hopefully) all reverse proxies to caddy Left off adguard for now, tbd if it needs outside access Moved service expressions up a level since it was a bit unneccesary before
16 lines
375 B
Nix
16 lines
375 B
Nix
{ ... }: {
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
services.caddy = {
|
|
enable = true;
|
|
email = "evie@xenia.me.uk";
|
|
virtualHosts."localhost".extraConfig = ''
|
|
respond "Hello, world!"
|
|
'';
|
|
};
|
|
services.fail2ban = {
|
|
enable = true;
|
|
ignoreIP = [ "127.0.0.1/8" "::1" "192.168.1.0/16" ];
|
|
bantime-increment = { enable = true; };
|
|
};
|
|
}
|