refactor: Remove redundant subdomain form ocrerv

2025-03-28 17:19:36 +03:00
parent aedc1a4297
commit 2b4a9e1f90
1 changed files with 1 additions and 26 deletions
--- a/sp-modules/ocserv/module.nix
+++ b/sp-modules/ocserv/module.nix
@@ -16,18 +16,6 @@ in
        type = "enable";
      };
    };
-    subdomain = (lib.mkOption {
-      default = "vpn";
-      type = lib.types.strMatching "[A-Za-z0-9][A-Za-z0-9\-]{0,61}[A-Za-z0-9]";
-      description = "Subdomain";
-    }) // {
-      meta = {
-        widget = "subdomain";
-        type = "string";
-        regex = "[A-Za-z0-9][A-Za-z0-9\-]{0,61}[A-Za-z0-9]";
-        weight = 0;
-      };
-    };
  };

  config = lib.mkIf cfg.enable {
@@ -61,7 +49,7 @@ in
        idle-timeout=1200
        mobile-idle-timeout=2400

-        default-domain = ${cfg.subdomain}.${domain}
+        default-domain = ${domain}

        device = vpn0

@@ -75,19 +63,6 @@ in
        route = default
      '';
    };
-    services.nginx.virtualHosts."${cfg.subdomain}.${domain}" = {
-      useACMEHost = domain;
-      forceSSL = true;
-      extraConfig = ''
-        add_header Strict-Transport-Security $hsts_header;
-        #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
-        add_header 'Referrer-Policy' 'origin-when-cross-origin';
-        add_header X-Frame-Options DENY;
-        add_header X-Content-Type-Options nosniff;
-        add_header X-XSS-Protection "1; mode=block";
-        proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";
-      '';
-    };
    systemd = {
      services = {
        ocserv = {