From 4edc6a8d5d09011888ea4209c4fa998fdb61e064 Mon Sep 17 00:00:00 2001
From: muon <admin@muon.host>
Date: Sat, 25 Jan 2025 14:28:14 +0000
Subject: [PATCH] Add cross content

---
 modules/nixos/server/nginx.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/modules/nixos/server/nginx.nix b/modules/nixos/server/nginx.nix
index 2cf0163..d5394db 100644
--- a/modules/nixos/server/nginx.nix
+++ b/modules/nixos/server/nginx.nix
@@ -53,7 +53,7 @@ in with lib; {
         # add_header Strict-Transport-Security $hsts_header;
 
         # Enable CSP for your services.
-        #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
+        add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
 
         # Minimize information leaked to other domains
         add_header 'Referrer-Policy' 'origin-when-cross-origin';
@@ -69,6 +69,9 @@ in with lib; {
 
         # required when the server wants to use HTTP Authentication
         proxy_pass_header Authorization;
+
+        # This is necessary to pass the correct IP to be hashed
+        real_ip_header X-Real-IP;
       '';
 
       virtualHosts = let