2019-02-01 16:11:31 +01:00
|
|
|
{{ vhost_url }} {
|
|
|
|
|
|
|
|
|
|
header / {
|
|
|
|
|
# Enable HTTP Strict Transport Security (HSTS) to force clients to always
|
|
|
|
|
# connect via HTTPS (do not use if only testing)
|
|
|
|
|
Strict-Transport-Security "max-age=31536000;"
|
|
|
|
|
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
|
|
|
|
X-XSS-Protection "1; mode=block"
|
|
|
|
|
# Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
|
|
|
|
|
X-Content-Type-Options "nosniff"
|
|
|
|
|
# Disallow the site to be rendered within a frame (clickjacking protection)
|
|
|
|
|
X-Frame-Options "DENY"
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-19 21:28:43 +02:00
|
|
|
reverse_proxy http://{{ reverse_location }}:{{ reverse_port }}
|
2019-02-01 16:11:31 +01:00
|
|
|
|
2019-02-01 19:04:44 +01:00
|
|
|
{% if websocket %}
|
2020-05-19 21:28:43 +02:00
|
|
|
reverse_proxy {{ websocket_path }} http://{{ websocket_location }}:{{ websocket_port }}
|
2019-02-01 17:45:14 +01:00
|
|
|
{% endif %}
|
|
|
|
|
|
2019-07-01 22:15:44 +02:00
|
|
|
{% if proxy_rule %}
|
2020-05-19 21:28:43 +02:00
|
|
|
reverse_proxy {{ proxy_path }} http://{{ proxy_location }}:{{ proxy_port }}
|
2019-07-01 22:15:44 +02:00
|
|
|
{% endif %}
|
|
|
|
|
|
2020-05-19 21:28:43 +02:00
|
|
|
log {
|
|
|
|
|
output file {{ caddy_logs }}/{{ vhost_name }}/vhost.log
|
2020-03-19 16:44:07 +01:00
|
|
|
}
|
|
|
|
|
|
2019-02-01 16:11:31 +01:00
|
|
|
}
|
2020-05-21 12:04:20 +02:00
|
|
|
|
|
|
|
|
{% if www_redirect %}
|
|
|
|
|
www.{{ vhost_url }} {
|
|
|
|
|
redir https://{{ vhost_url }}
|
|
|
|
|
}
|
|
|
|
|
{% endif %}
|
