1
0
mirror of https://github.com/nmasur/dotfiles synced 2025-04-08 22:21:11 +00:00

add denylist to top of caddy routes

This commit is contained in:
Noah Masur 2024-08-19 00:04:33 +00:00
parent 81cb603bb7
commit 5798406977
No known key found for this signature in database

@ -46,7 +46,7 @@
# Force Caddy to 403 if not coming from allowlisted source
caddy.cidrAllowlist = [ "127.0.0.1/32" ];
caddy.routes = [
caddy.routes = lib.mkBefore [
{
match = [ { not = [ { remote_ip.ranges = config.caddy.cidrAllowlist; } ]; } ];
handle = [