Bootstrap caddy reverse role

2019-02-01 16:11:31 +01:00 · 2019-02-01 16:11:31 +01:00 · b3169c0fcf
commit b3169c0fcf
9 changed files with 150 additions and 0 deletions
--- a/templates/reverse.caddy.j2
+++ b/templates/reverse.caddy.j2
@ -0,0 +1,25 @@
+{{ vhost_url }} {
+
+    header / {
+        # Enable HTTP Strict Transport Security (HSTS) to force clients to always
+        # connect via HTTPS (do not use if only testing)
+        Strict-Transport-Security "max-age=31536000;"
+        # Enable cross-site filter (XSS) and tell browser to block detected attacks
+        X-XSS-Protection "1; mode=block"
+        # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
+        X-Content-Type-Options "nosniff"
+        # Disallow the site to be rendered within a frame (clickjacking protection)
+        X-Frame-Options "DENY"
+    }
+
+    proxy / http://{{ reverse_location }}:{{ reverse_port }} {
+        transparent
+    }
+
+    log {{ caddy_logs }}/{{ vhost_name }}/access.log {
+        rotate_size  100
+        rotate_age   30
+        rotate_keep  10
+    }
+
+}