aboutsummaryrefslogtreecommitdiff
path: root/modules/nixos/server/nginx/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixos/server/nginx/default.nix')
-rw-r--r--modules/nixos/server/nginx/default.nix42
1 files changed, 0 insertions, 42 deletions
diff --git a/modules/nixos/server/nginx/default.nix b/modules/nixos/server/nginx/default.nix
deleted file mode 100644
index d960d33..0000000
--- a/modules/nixos/server/nginx/default.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{
- config,
- lib,
- ...
-}:
-let
- inherit (lib)
- mkEnableOption
- mkIf
- ;
- cfg = config.nx.server.nginx;
-in
-{
- options.nx.server.nginx = {
- enable = mkEnableOption "nginx reverse proxy" // {
- default = true;
- };
- };
- config = mkIf cfg.enable {
- services.nginx = {
- enable = true;
- recommendedGzipSettings = true;
- recommendedOptimisation = true;
- recommendedProxySettings = true;
- recommendedTlsSettings = true;
- appendHttpConfig = ''
- map $scheme $hsts_header {
- https "max-age=31536000; includeSubdomains; preload";
- }
- add_header Strict-Transport-Security $hsts_header;
- #add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'self';" always;
- add_header 'Referrer-Policy' 'same-origin';
- add_header X-Frame-Options DENY;
- add_header X-Content-Type-Options nosniff;
- '';
- };
- networking.firewall.allowedTCPPorts = [
- 80
- 443
- ];
- };
-}
generated by cgit v1.3.1 (git 2.54.0) at 2026-05-30 15:38:06 +0000