MiOM website
https://miom.space
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
48 lines
1.1 KiB
48 lines
1.1 KiB
# global options |
|
{ |
|
# remove comment to use staging Let's Encrypt servers (for testing) |
|
# acme_ca https://acme-staging-v02.api.letsencrypt.org/directory |
|
|
|
# auto_https contact mail address, for TLS certs notifications (expiry, |
|
# other problems with certs) |
|
email admins@pub.solar |
|
} |
|
|
|
# security and privacy header snippet |
|
(security_headers) { |
|
header { |
|
# disable FLoC tracking |
|
Permissions-Policy interest-cohort=() |
|
|
|
# enable HSTS |
|
Strict-Transport-Security max-age=63072000; |
|
|
|
# disable clients from sniffing the media type |
|
X-Content-Type-Options nosniff |
|
|
|
# clickjacking protection |
|
X-Frame-Options DENY |
|
|
|
# keep referrer data off of HTTP connections |
|
Referrer-Policy no-referrer-when-downgrade |
|
} |
|
} |
|
|
|
# static file server |
|
miom.space { |
|
import security_headers |
|
root * /srv/miom.space |
|
file_server |
|
|
|
# caddys default is no access logs at all |
|
# comment this block out for debugging |
|
#log { |
|
# output file /var/log/caddy-access.log |
|
#} |
|
} |
|
|
|
# redirect www. subdomain to apex (root) domain |
|
www.miom.space { |
|
import security_headers |
|
redir https://miom.space{uri} |
|
}
|
|
|