noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2024-11-22 07:35:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

add denylist to top of caddy routes

Browse Source
This commit is contained in:
Noah Masur 2024-08-19 00:04:33 +00:00
parent 81cb603bb7
commit 5798406977
No known key found for this signature in database
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/nixos/services/caddy.nix
View File

@ -46,7 +46,7 @@
# Force Caddy to 403 if not coming from allowlisted source
caddy.cidrAllowlist = [ "127.0.0.1/32" ];
caddy.routes = [
caddy.routes = lib.mkBefore [
{
match = [ { not = [ { remote_ip.ranges = config.caddy.cidrAllowlist; } ]; } ];
handle = [