miom.space/Caddyfile

45 lines
1 KiB
Caddyfile
Raw Normal View History

2022-01-16 21:05:02 +00:00
# global options
2021-10-22 11:13:16 +00:00
{
2022-01-16 21:05:02 +00:00
# remove comment to use staging Let's Encrypt servers (for testing)
# acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
# auto_https contact mail address, for TLS certs notifications (expiry,
# other problems with certs)
email admins@pub.solar
# default to no-logs-policy, don't log anything
# comment this block out for debugging
log {
output discard
}
2021-10-22 11:13:16 +00:00
}
# static file server
2021-10-22 16:06:11 +00:00
miom.space {
root * /srv/miom.space
file_server
}
2022-01-16 21:05:02 +00:00
# redirect www. subdomain to apex (root) domain
www.miom.space {
redir https://miom.space{uri}
2021-10-22 11:13:16 +00:00
}
# security and privacy headers
header {
# disable FLoC tracking
Permissions-Policy interest-cohort=()
# enable HSTS
Strict-Transport-Security max-age=63072000;
# disable clients from sniffing the media type
X-Content-Type-Options nosniff
# clickjacking protection
X-Frame-Options DENY
# keep referrer data off of HTTP connections
Referrer-Policy no-referrer-when-downgrade
}