remove infra

2025-01-19 18:44:46 +01:00
parent b089a9bbfb
commit fa39cd58e0
1 changed files with 16 additions and 11 deletions
--- a/config/nginx.conf
+++ b/config/nginx.conf
@@ -31,22 +31,16 @@ http {
    # (We do a separate server block for clarity. Could be done with if/host checks.)
  }

-  server {
-    listen 80;
-    server_name ~^(?<subdomain>.+)\.infra\.mrcynic\.site$;
-
-    location / {
-      proxy_pass http://external_ingress;
-      proxy_set_header Host $host;
-      proxy_set_header X-Real-IP $remote_addr;
-    }
-  }
-
  # dev.mrcynic.site - allow only LAN
  server {
    listen 80;
    server_name ~^(?<subdomain>.+)\.dev\.mrcynic\.site$;

+    # Inform NGINX how to read the client IP from X-Forwarded-For
+    real_ip_header X-Forwarded-For;
+    set_real_ip_from 192.168.0.1;
+    real_ip_recursive on;
+
    # Block if not LAN (192.168.0.0/24). You can expand or tighten this as needed.
    allow 192.168.0.0/24;
    deny all;
@@ -57,4 +51,15 @@ http {
      proxy_set_header X-Real-IP $remote_addr;
    }
  }
+
+  server {
+    listen 80;
+    server_name ~^(?<subdomain>.+)\.mrcynic\.site$;
+
+    location / {
+      proxy_pass http://external_ingress;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+    }
+  }
 }