oops i had unstaged changes

2025-08-09 12:19:25 -04:00 · 2025-08-09 12:19:25 -04:00 · ca02eefa3e
commit ca02eefa3e
parent 37db37e554
1 changed files with 33 additions and 37 deletions
--- a/hosts/Drone/default.nix
+++ b/hosts/Drone/default.nix
@ -55,62 +55,58 @@
    cloudflared = {
      enable = true;
      tunnels."8af2892d-d534-4e32-b867-5b79308a99d5" = {
-	credentialsFile = "/etc/cloudflared/8af2892d-d534-4e32-b867-5b79308a99d5.json";
+	      credentialsFile = "/etc/cloudflared/8af2892d-d534-4e32-b867-5b79308a99d5.json";
-	default = "http_status:418";
+	      default = "http_status:418";
      };
    };
    caddy = {
      enable = true;
      virtualHosts = {
-	"drone.taild5f7e6.ts.net".extraConfig = ''
+        "drone.taild5f7e6.ts.net".extraConfig = ''
-	  encode
+          encode
-	  # most of this doesnt matter but why not
+          # most of this doesnt matter but why not
          header {
-	      Strict-Transport-Security "max-age=31536000;"
+              Strict-Transport-Security "max-age=31536000;"
-	      X-Frame-Options "SAMEORIGIN"
+              X-Frame-Options "SAMEORIGIN"
-	      X-Content-Type-Options "nosniff"
+              X-Content-Type-Options "nosniff"
-	      -Server
+              -Server
-	      -X-Powered-By
+              -X-Powered-By
-	  }
+          }
-	  # block connections to admin login
+          # block connections to admin login
          respond /admin/* 403
-	  
+          
-	  reverse_proxy localhost:8000
+          reverse_proxy localhost:8000
        '';
-	"zipline.wo2wz.fyi".extraConfig = ''
+        "zipline.wo2wz.fyi".extraConfig = ''
-	  encode
+          encode
-	  # most are configured by cloudflare already
+          # most headers are already configured via cloudflare
          header {
-#	      Strict-Transport-Security "max-age=31536000;"
+      	      # nobody is gonna find this site through a search engine anyway
-#	      X-Frame-Options "DENY"
+              X-Robots-Tag "noindex, nofollow"
-#	      X-Content-Type-Options "nosniff"
+              -Server
-#	      # nobody is gonna find this site through a search engine anyway
+          }
 	      X-Robots-Tag "noindex, nofollow"
 	      -Server
 #	      -X-Powered-By
 	  }
-	  # use cloudflare origin certs for https
+          # use cloudflare origin certs for https
-	  tls /var/secrets/caddy/wo2wz.fyi.crt /var/secrets/caddy/wo2wz.fyi.key
+          tls /var/secrets/caddy/wo2wz.fyi.crt /var/secrets/caddy/wo2wz.fyi.key
-	  reverse_proxy localhost:3000
+          reverse_proxy localhost:3000
-	'';
+        '';
-	"wo2wz.fyi".extraConfig = ''
+        "wo2wz.fyi".extraConfig = ''
-	  encode
+          encode
-	  header {
+          header {
-	      X-Robots-Tag "noindex, nofollow"
+              X-Robots-Tag "noindex, nofollow"
-	      -Server
+              -Server
-	  }
+          }
-	  respond "not much to see here"
+          respond "not much to see here"
-	'';
+        '';
      };
    };