-
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f2549f5
commit ac8c157
Showing
1 changed file
with
52 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,14 +1,56 @@ | ||
server { | ||
listen 8080; | ||
server_name localhost; | ||
http { | ||
server_tokens off; | ||
|
||
location / { | ||
root /usr/share/nginx/html; | ||
index index.html; | ||
} | ||
set_real_ip_from 10.0.0.0/8; | ||
set_real_ip_from 172.16.0.0/12; | ||
set_real_ip_from 192.168.0.0/16; | ||
real_ip_header X-Real-IP; | ||
|
||
server { | ||
listen 8080; | ||
server_name localhost; | ||
|
||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; | ||
add_header X-Content-Type-Options nosniff; | ||
add_header X-XSS-Protection "1; mode=block"; | ||
add_header X-Download-Options noopen; | ||
add_header X-Permitted-Cross-Domain-Policies none; | ||
add_header Referrer-Policy strict-origin-when-cross-origin; | ||
add_header X-Frame-Options sameorigin; | ||
add_header Report-To '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://dargmuesli.report-uri.com/a/d/g"}],"include_subdomains":true}'; | ||
add_header NEL '{"report_to":"default","max_age":31536000,"include_subdomains":true}'; | ||
add_header Content-Security-Policy " | ||
base-uri: 'none'; | ||
connect-src 'https://www.google-analytics.com'; | ||
default-src 'none'; | ||
font-src 'none'; | ||
form-action: 'none'; | ||
frame-ancestors: 'none'; | ||
frame-src 'none'; | ||
img-src 'self' https://www.google-analytics.com; | ||
manifest-src 'self'; | ||
media-src 'self'; | ||
object-src 'self'; | ||
script-src 'self' https://static.cloudflareinsights.com/beacon.min.js https://www.google-analytics.com/analytics.js; | ||
style-src 'self'; | ||
report-to default; | ||
"; | ||
|
||
gzip on; | ||
gzip_vary on; | ||
gzip_comp_level 4; | ||
gzip_min_length 256; | ||
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; | ||
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; | ||
|
||
location / { | ||
root /usr/share/nginx/html; | ||
index index.html; | ||
} | ||
|
||
location /healthcheck { | ||
return 200 'alive'; | ||
add_header Content-Type text/plain; | ||
location /healthcheck { | ||
return 200 'alive'; | ||
add_header Content-Type text/plain; | ||
} | ||
} | ||
} |