diff options
| author | Linnnus <[email protected]> | 2023-10-21 19:09:27 +0200 |
|---|---|---|
| committer | Linnnus <[email protected]> | 2023-10-21 19:09:27 +0200 |
| commit | cb0697f14a5a13985710e8e2824158c038e03d83 (patch) | |
| tree | 8a68731cddfea39835b12bf95f5fb8e64ccb536b /hosts/ahmed | |
| parent | d8727c5a832fa760e1f62a0fb2aa00b6667727af (diff) | |
cloudflare-proxy: Block non-cloudflare HTTP(S) connections
Diffstat (limited to 'hosts/ahmed')
| -rw-r--r-- | hosts/ahmed/configuration.nix | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/hosts/ahmed/configuration.nix b/hosts/ahmed/configuration.nix index 945f29c..f95f449 100644 --- a/hosts/ahmed/configuration.nix +++ b/hosts/ahmed/configuration.nix @@ -3,6 +3,7 @@ { config, pkgs, + metadata, ... }: { imports = [ @@ -82,7 +83,10 @@ networking.firewall.allowedTCPPorts = [80 443]; # We are running behind CF proxy. - modules.cloudflare-proxy.enable = true; + modules.cloudflare-proxy = { + enable = true; + firewall.IPv4Whitelist = [metadata.hosts.muhammed.ipAddress]; + }; # Use as main driver temporarily. # modules.graphics.enable = true; |