From 3ec7bc623a720d4b958b12615fae34efcb3a260c Mon Sep 17 00:00:00 2001
From: stuebinm
Date: Sun, 5 Mar 2023 22:47:21 +0100
Subject: fix things & make some others simpler, also ipv6 🎉

---
 flora/configuration.nix  | 21 +--------------------
 flora/services/nginx.nix |  4 ----
 2 files changed, 1 insertion(+), 24 deletions(-)

(limited to 'flora')

diff --git a/flora/configuration.nix b/flora/configuration.nix
index 750268e..c04f240 100644
--- a/flora/configuration.nix
+++ b/flora/configuration.nix
@@ -35,31 +35,12 @@
     
     useDHCP = false;
     interfaces.ens3.useDHCP = true;
+    interfaces.ens10.useDHCP = true;
 
     firewall.logRefusedConnections = false;
-    
-
   };
 
-  services.fail2ban = {
-    enable = true;
-    bantime-increment.enable = true;
-    bantime-increment.overalljails = true;
-    bantime-increment.maxtime = "1312m";
-    ignoreIP = [ "88.133.194.232" ];
-  };
-  
-  services.logrotate = {
-    enable = true;
-    # the nginx module does stuff here, which apparently no one tells anyone about
-    settings.nginx = {
-      rotate = 2;
-      nocompress = true;
-      compress = false;
-    };
-  };
 
-  
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
   # on your system were taken. It‘s perfectly fine and recommended to leave
diff --git a/flora/services/nginx.nix b/flora/services/nginx.nix
index bbcacb7..fbbff73 100644
--- a/flora/services/nginx.nix
+++ b/flora/services/nginx.nix
@@ -9,9 +9,5 @@
     recommendedOptimisation = true;
     recommendedTlsSettings = true;
     recommendedProxySettings = true;
-
-    appendHttpConfig = ''
-      add_header Permissions-Policy "interest-cohort=()";
-    '';
   };
 }
-- 
cgit v1.2.3