From 567358aeff1e07b7f13a6eeed4b9dc0d51654249 Mon Sep 17 00:00:00 2001
From: Infinidoge <infinidoge@inx.moe>
Date: Thu, 1 Feb 2024 20:09:20 -0500
Subject: [PATCH] global/security: set common nginx settings

---
 hosts/Infini-OPTIPLEX/default.nix | 7 -------
 hosts/Infini-SERVER/default.nix   | 7 -------
 modules/global/security.nix       | 8 ++++++++
 3 files changed, 8 insertions(+), 14 deletions(-)

diff --git a/hosts/Infini-OPTIPLEX/default.nix b/hosts/Infini-OPTIPLEX/default.nix
index 1193437..d0d9d00 100644
--- a/hosts/Infini-OPTIPLEX/default.nix
+++ b/hosts/Infini-OPTIPLEX/default.nix
@@ -69,12 +69,5 @@
 
   services.nginx = {
     enable = true;
-
-    statusPage = true;
-
-    recommendedTlsSettings = true;
-    recommendedOptimisation = true;
-    recommendedGzipSettings = true;
-    recommendedProxySettings = true;
   };
 }
diff --git a/hosts/Infini-SERVER/default.nix b/hosts/Infini-SERVER/default.nix
index 75bad50..18152d2 100644
--- a/hosts/Infini-SERVER/default.nix
+++ b/hosts/Infini-SERVER/default.nix
@@ -70,13 +70,6 @@
       {
         enable = true;
 
-        statusPage = true;
-
-        recommendedTlsSettings = true;
-        recommendedOptimisation = true;
-        recommendedGzipSettings = true;
-        recommendedProxySettings = true;
-
         virtualHosts = {
           "*.inx.moe" = ssl // {
             listen = lib.flatten
diff --git a/modules/global/security.nix b/modules/global/security.nix
index b76a7c5..b363ba3 100644
--- a/modules/global/security.nix
+++ b/modules/global/security.nix
@@ -52,6 +52,14 @@ with lib;
     ];
   };
 
+  services.nginx = {
+    statusPage = true;
+    recommendedTlsSettings = true;
+    recommendedOptimisation = true;
+    recommendedGzipSettings = true;
+    recommendedProxySettings = true;
+  };
+
   common = {
     nginx.ssl = { sslCertificate = config.secrets."inx.moe.pem"; sslCertificateKey = config.secrets."inx.moe.key"; forceSSL = true; };
   };