miom.space/Caddyfile

# global options
{
        # remove comment to use staging Let's Encrypt servers (for testing)
        # acme_ca https://acme-staging-v02.api.letsencrypt.org/directory

        # auto_https contact mail address, for TLS certs notifications (expiry,
        # other problems with certs)
        email admins@pub.solar
}

# static file server
miom.space {
        root * /srv/miom.space
        file_server

        # caddys default is no access logs at all
        # comment this block out for debugging
        #log {
        #        output file /var/log/caddy-access.log
        #}
}

# redirect www. subdomain to apex (root) domain
www.miom.space {
        redir https://miom.space{uri}
}

# security and privacy headers
header {
	# disable FLoC tracking
	Permissions-Policy interest-cohort=()

	# enable HSTS
	Strict-Transport-Security max-age=63072000;

	# disable clients from sniffing the media type
	X-Content-Type-Options nosniff

	# clickjacking protection
	X-Frame-Options DENY

	# keep referrer data off of HTTP connections
	Referrer-Policy no-referrer-when-downgrade
}
caddy: fmt, improve comments 2022-01-16 21:05:02 +00:00			`# global options`
Simple lume setup 2021-10-22 11:13:16 +00:00			`{`
caddy: fmt, improve comments 2022-01-16 21:05:02 +00:00			`# remove comment to use staging Let's Encrypt servers (for testing)`
			`# acme_ca https://acme-staging-v02.api.letsencrypt.org/directory`

			`# auto_https contact mail address, for TLS certs notifications (expiry,`
			`# other problems with certs)`
			`email admins@pub.solar`
Simple lume setup 2021-10-22 11:13:16 +00:00			`}`

caddy: follow upstream example, use /srv dir for serving static files 2022-01-16 21:04:02 +00:00			`# static file server`
Update caddy config 2021-10-22 16:06:11 +00:00			`miom.space {`
caddy: follow upstream example, use /srv dir for serving static files 2022-01-16 21:04:02 +00:00			`root * /srv/miom.space`
			`file_server`
Fix comment about caddy's default no access log policy 2022-03-31 17:02:05 +00:00
			`# caddys default is no access logs at all`
			`# comment this block out for debugging`
			`#log {`
			`# output file /var/log/caddy-access.log`
			`#}`
caddy: follow upstream example, use /srv dir for serving static files 2022-01-16 21:04:02 +00:00			`}`
caddy: fmt, improve comments 2022-01-16 21:05:02 +00:00
			`# redirect www. subdomain to apex (root) domain`
			`www.miom.space {`
			`redir https://miom.space{uri}`
Simple lume setup 2021-10-22 11:13:16 +00:00			`}`
caddy: add privacy and security headers 2022-01-17 09:50:27 +00:00
			`# security and privacy headers`
			`header {`
			`# disable FLoC tracking`
			`Permissions-Policy interest-cohort=()`

			`# enable HSTS`
			`Strict-Transport-Security max-age=63072000;`

			`# disable clients from sniffing the media type`
			`X-Content-Type-Options nosniff`

			`# clickjacking protection`
			`X-Frame-Options DENY`

			`# keep referrer data off of HTTP connections`
			`Referrer-Policy no-referrer-when-downgrade`
			`}`