mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-25 02:18:31 +01:00
added .well-known path to Caddy2 example, closes #1442
This commit is contained in:
parent
a5e840f3d3
commit
06f3b813d6
@ -27,6 +27,10 @@ matrix.DOMAIN.tld {
|
|||||||
not path /matrix/static-files/*
|
not path /matrix/static-files/*
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@wellknown {
|
||||||
|
path /.well-known/matrix/*
|
||||||
|
}
|
||||||
|
|
||||||
header {
|
header {
|
||||||
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
|
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
|
||||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||||
@ -69,6 +73,15 @@ matrix.DOMAIN.tld {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
handle @wellknown {
|
||||||
|
encode zstd gzip
|
||||||
|
root * /matrix/static-files
|
||||||
|
header Cache-Control max-age=14400
|
||||||
|
header Content-Type application/json
|
||||||
|
header Access-Control-Allow-Origin *
|
||||||
|
file_server
|
||||||
|
}
|
||||||
|
|
||||||
handle {
|
handle {
|
||||||
encode zstd gzip
|
encode zstd gzip
|
||||||
|
|
||||||
@ -102,17 +115,17 @@ element.DOMAIN.tld {
|
|||||||
# tls your@email.com
|
# tls your@email.com
|
||||||
|
|
||||||
header {
|
header {
|
||||||
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
|
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
|
||||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||||
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
||||||
X-XSS-Protection "1; mode=block"
|
X-XSS-Protection "1; mode=block"
|
||||||
# Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
|
# Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
|
||||||
X-Content-Type-Options "nosniff"
|
X-Content-Type-Options "nosniff"
|
||||||
# Disallow the site to be rendered within a frame (clickjacking protection)
|
# Disallow the site to be rendered within a frame (clickjacking protection)
|
||||||
X-Frame-Options "DENY"
|
X-Frame-Options "DENY"
|
||||||
# X-Robots-Tag
|
# X-Robots-Tag
|
||||||
X-Robots-Tag "noindex, noarchive, nofollow"
|
X-Robots-Tag "noindex, noarchive, nofollow"
|
||||||
}
|
}
|
||||||
|
|
||||||
handle {
|
handle {
|
||||||
encode zstd gzip
|
encode zstd gzip
|
||||||
|
Loading…
Reference in New Issue
Block a user