Enhanced the shared Nix configuration by adding recommended settings for Nginx, including Gzip, optimization, and TLS settings. Disabled proxy settings to prevent interference with WebSocket. Additionally, enabled automatic SSL certificate generation using Let's Encrypt and configured fail2ban for improved security.
This update aims to strengthen the web application's security and performance while maintaining flexibility in the Nginx setup.
Updated the shared Nix configuration to replace the hostname parameter with a domain parameter, allowing for more flexible virtual host configurations. Adjusted machine1 and machine2 configurations to reflect this change, ensuring proper domain usage for Nginx virtual hosts, including new entries for web-app, LNbits, and image services.
Introduces a shared configuration file to streamline machine-specific settings for NixOS deployments. This includes:
- Hostname configuration
- Common system packages (vim, git, htop)
- SSH service enablement
- Nginx setup with virtual host configuration
- Firewall rules for HTTP/HTTPS access
Updates machine-specific configurations to import shared settings, reducing redundancy and improving maintainability.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
