add restrict to vpn on mailserver module
This commit is contained in:
parent
a10568d5ac
commit
1bd5b467ae
@ -165,12 +165,6 @@
|
||||
add_header 'Referrer-Policy' 'origin-when-cross-origin';
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
'';
|
||||
restrictToVpn = ''
|
||||
allow 10.0.0.2/32;
|
||||
allow 10.0.0.3/32;
|
||||
allow 10.0.0.4/32;
|
||||
deny all;
|
||||
'';
|
||||
extensions = [ "html" "txt" "png" "jpg" "jpeg" ];
|
||||
serveStatic = exts: ''
|
||||
try_files $uri $uri/ ${pkgs.lib.strings.concatStringsSep " " (builtins.map (x: "$uri." + "${x}") exts)} =404;
|
||||
@ -202,9 +196,6 @@
|
||||
};
|
||||
extraConfig = webshiteConfig;
|
||||
};
|
||||
"${config.mailserver.fqdn}" = {
|
||||
extraConfig = restrictToVpn;
|
||||
};
|
||||
"src.idimitrov.dev" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
@ -291,6 +291,20 @@ top@{ inputs, moduleWithSystem, ... }: {
|
||||
$config['smtp_pass'] = "%p";
|
||||
'';
|
||||
};
|
||||
nginx.virtualHosts =
|
||||
let
|
||||
restrictToVpn = ''
|
||||
allow 10.0.0.2/32;
|
||||
allow 10.0.0.3/32;
|
||||
allow 10.0.0.4/32;
|
||||
deny all;
|
||||
'';
|
||||
in
|
||||
{
|
||||
"${config.mailserver.fqdn}" = {
|
||||
extraConfig = restrictToVpn;
|
||||
};
|
||||
};
|
||||
postgresql.enable = true;
|
||||
};
|
||||
security = {
|
||||
|
Loading…
Reference in New Issue
Block a user