Diffstat (limited to 'modules/nixfiles/nginx.nix')
-rw-r--r--modules/nixfiles/nginx.nix99
1 files changed, 0 insertions, 99 deletions
diff --git a/modules/nixfiles/nginx.nix b/modules/nixfiles/nginx.nix
deleted file mode 100644
index b8ab24d..0000000
--- a/modules/nixfiles/nginx.nix
+++ /dev/null
@@ -1,99 +0,0 @@
-{
- config,
- lib,
- pkgs,
- this,
- ...
-}:
-with lib; let
- cfg = config.nixfiles.modules.nginx;
-in {
- options.nixfiles.modules.nginx = {
- enable = mkEnableOption "Nginx";
-
- upstreams = mkOption {
- description = "Defines a group of servers to use as proxy target.";
- type = with types; anything;
- default = null;
- };
-
- virtualHosts = mkOption {
- description = "Attrset of virtual hosts.";
- type = with types; anything;
- default = null;
- };
- };
-
- config = mkIf cfg.enable {
- services = {
- nginx = {
- enable = true;
- enableReload = true;
-
- package = pkgs.nginxMainline;
-
- statusPage = true;
-
- serverTokens = false;
-
- recommendedGzipSettings = true;
- recommendedOptimisation = true;
- recommendedProxySettings = true;
- recommendedTlsSettings = true;
-
- commonHttpConfig = concatStrings [
- ''
- add_header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet";
- ''
- (optionalString (hasAttr "wireguard" this)
- (with config.nixfiles.modules.wireguard; ''
- geo $internal {
- default 0;
- 127.0.0.1/32 1;
- ::1/128 1;
- ${ipv4.subnet} 1;
- ${ipv6.subnet} 1;
- }
- ''))
- ];
-
- inherit (cfg) upstreams;
-
- virtualHosts =
- {
- default = {
- default = true;
- rejectSSL = true;
- locations."/".return = "444";
- };
- }
- // (mkIf (cfg.virtualHosts != null) (mapAttrs (_: attr:
- mkMerge [
- attr
- (mkIf config.nixfiles.modules.acme.enable {
- enableACME = true;
- forceSSL = true;
- })
- ])
- cfg.virtualHosts));
- };
-
- fail2ban.jails = {
- nginx-http-auth = ''
- enabled = true
- '';
- nginx-botsearch = ''
- enabled = true
- '';
- };
-
- prometheus.exporters.nginx = {
- enable = true;
- listenAddress = mkDefault this.wireguard.ipv4.address;
- port = mkDefault 9113;
- };
- };
-
- networking.firewall.allowedTCPPorts = [80 443];
- };
-}