From 3ec7bc623a720d4b958b12615fae34efcb3a260c Mon Sep 17 00:00:00 2001 From: stuebinm Date: Sun, 5 Mar 2023 22:47:21 +0100 Subject: fix things & make some others simpler, also ipv6 🎉 --- flora/configuration.nix | 21 +-------------------- flora/services/nginx.nix | 4 ---- 2 files changed, 1 insertion(+), 24 deletions(-) (limited to 'flora') diff --git a/flora/configuration.nix b/flora/configuration.nix index 750268e..c04f240 100644 --- a/flora/configuration.nix +++ b/flora/configuration.nix @@ -35,31 +35,12 @@ useDHCP = false; interfaces.ens3.useDHCP = true; + interfaces.ens10.useDHCP = true; firewall.logRefusedConnections = false; - - }; - services.fail2ban = { - enable = true; - bantime-increment.enable = true; - bantime-increment.overalljails = true; - bantime-increment.maxtime = "1312m"; - ignoreIP = [ "88.133.194.232" ]; - }; - - services.logrotate = { - enable = true; - # the nginx module does stuff here, which apparently no one tells anyone about - settings.nginx = { - rotate = 2; - nocompress = true; - compress = false; - }; - }; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/flora/services/nginx.nix b/flora/services/nginx.nix index bbcacb7..fbbff73 100644 --- a/flora/services/nginx.nix +++ b/flora/services/nginx.nix @@ -9,9 +9,5 @@ recommendedOptimisation = true; recommendedTlsSettings = true; recommendedProxySettings = true; - - appendHttpConfig = '' - add_header Permissions-Policy "interest-cohort=()"; - ''; }; } -- cgit v1.2.3