Introduced separate configuration files for Nginx and pict-rs, enabling a streamlined setup for web services. The Nginx configuration includes reverse proxy settings, automatic SSL certificate generation with Let's Encrypt, and fail2ban for security. The pict-rs configuration facilitates image service management with CORS support. Updated the shared configuration to import these new files, improving modularity and maintainability of the NixOS setup.
Enhanced the shared Nix configuration by adding recommended settings for Nginx, including Gzip, optimization, and TLS settings. Disabled proxy settings to prevent interference with WebSocket. Additionally, enabled automatic SSL certificate generation using Let's Encrypt and configured fail2ban for improved security.
This update aims to strengthen the web application's security and performance while maintaining flexibility in the Nginx setup.
Updated the shared Nix configuration to replace the hostname parameter with a domain parameter, allowing for more flexible virtual host configurations. Adjusted machine1 and machine2 configurations to reflect this change, ensuring proper domain usage for Nginx virtual hosts, including new entries for web-app, LNbits, and image services.
Introduces a shared configuration file to streamline machine-specific settings for NixOS deployments. This includes:
- Hostname configuration
- Common system packages (vim, git, htop)
- SSH service enablement
- Nginx setup with virtual host configuration
- Firewall rules for HTTP/HTTPS access
Updates machine-specific configurations to import shared settings, reducing redundancy and improving maintainability.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
