containers/diamond: only listen on local addresses

TIL nginx will only route via amethyst if it's on local address, even if hostname doesn't match
2026-03-17 17:25:35 +11:00 · 2026-03-17 17:25:35 +11:00 · b7665d9bd5
commit b7665d9bd5
parent 55e0d25251
1 changed files with 1 additions and 0 deletions
--- a/containers/diamond/flake.nix
+++ b/containers/diamond/flake.nix
@ -24,6 +24,7 @@
        useACMEHost = "lava.moe";
        forceSSL = true;
        locations."/".proxyPass = "http://[${client}]:8000";
+        listenAddresses = [ "10.0.0.1" "[fd0d::1]" ];
      };

      systemd.tmpfiles.rules = [ "d /persist/containers/${name} 755 root users" ];