Replace broken proxy_cache_bypass (was bypassing every request) with
proxy_cache_lock to coalesce concurrent requests for the same path.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Allow TCP ports 80 and 443 in the firewall for HTTP and HTTPS traffic.
- Enable Nginx with ACME integration for automatic SSL certificate management.
- Configure a virtual host with proxy settings and support for WebSocket traffic.
- Set `libvirtd.enable` to `false` in `default.nix` to align with the current virtualization setup.
- Prevents unnecessary service activation and reduces resource usage.
- Replace `dhcpcd` with `systemd-networkd` by setting `networking.useDHCP` to `false` and `networking.useNetworkd` to `true`.
- Add a static IPv6 configuration and routes for `enp1s0` in `30-wan`.
- Ensures a more streamlined and customizable network configuration.
- Set `security.sudo.wheelNeedsPassword` to `false` in `default.nix`.
- Simplifies sudo access for users in the wheel group and aligns with system usage patterns.
- Set `networking.dhcpcd.IPv6rs` to `true` in `default.nix` to support IPv6 router solicitation.
- Ensures better compatibility with networks requiring IPv6 RA for configuration.
- Remove the ESP partition configuration in `disko.nix` as it’s unnecessary for legacy BIOS setups.
- Enable GRUB bootloader and disable EFI settings in `default.nix` for compatibility with Hetzner cloud instances.
- Switch disk device from `/dev/vda` to `/dev/sda` for compatibility.
- Add S3 storage configuration with bucket, region, and endpoint.
- Update system state version from `24.05` to `25.11`.
- Remove unused imports and clean up redundant attributes.
2026-03-25 09:33:32 +01:00
Renamed from systems/x86_64-linux/sgx-attic/default.nix (Browse further)
