add denylist to top of caddy routes

This commit is contained in:
Noah Masur 2024-08-19 00:04:33 +00:00
parent 81cb603bb7
commit 5798406977
No known key found for this signature in database

View File

@ -46,7 +46,7 @@
# Force Caddy to 403 if not coming from allowlisted source # Force Caddy to 403 if not coming from allowlisted source
caddy.cidrAllowlist = [ "127.0.0.1/32" ]; caddy.cidrAllowlist = [ "127.0.0.1/32" ];
caddy.routes = [ caddy.routes = lib.mkBefore [
{ {
match = [ { not = [ { remote_ip.ranges = config.caddy.cidrAllowlist; } ]; } ]; match = [ { not = [ { remote_ip.ranges = config.caddy.cidrAllowlist; } ]; } ];
handle = [ handle = [