Nicola Zambello
6e6948b4fd
All checks were successful
Docker CI / release (push) Successful in 3m52s
38 lines
1.4 KiB
Nginx Configuration File
38 lines
1.4 KiB
Nginx Configuration File
worker_processes 1;
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
# Security headers
|
|
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://umami.nzambello.dev; style-src 'self' 'unsafe-inline' https://unpkg.com; img-src 'self' data: https:; font-src 'self' https://unpkg.com; connect-src 'self' https://umami.nzambello.dev; media-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests" always;
|
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
|
add_header X-Content-Type-Options "nosniff" always;
|
|
add_header X-Frame-Options "DENY" always;
|
|
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
|
|
add_header X-XSS-Protection "1; mode=block" always;
|
|
add_header Permissions-Policy "camera=(), microphone=(), geolocation=(), payment=()" always;
|
|
|
|
# Remove server information
|
|
server_tokens off;
|
|
|
|
server {
|
|
listen 8080;
|
|
server_name _;
|
|
|
|
root /usr/share/nginx/html;
|
|
index index.html index.htm;
|
|
include /etc/nginx/mime.types;
|
|
|
|
gzip on;
|
|
gzip_min_length 1000;
|
|
gzip_proxied expired no-cache no-store private auth;
|
|
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
|
|
|
|
location / {
|
|
try_files $uri $uri/index.html $uri.html;
|
|
}
|
|
}
|
|
}
|