caddy: use snippet for headers, format with caddy fmt

2022-04-01 10:49:37 +02:00 · 2022-04-01 10:49:37 +02:00 · db55583367
commit db55583367
parent 1acf62b413
1 changed files with 35 additions and 31 deletions
--- a/42
+++ b/42
@ -8,25 +8,9 @@
 	email admins@pub.solar
 }

-# static file server
-miom.space {
-        root * /srv/miom.space
-        file_server
-
-        # caddys default is no access logs at all
-        # comment this block out for debugging
-        #log {
-        #        output file /var/log/caddy-access.log
-        #}
-}
-
-# redirect www. subdomain to apex (root) domain
-www.miom.space {
-        redir https://miom.space{uri}
-}
-
-# security and privacy headers
-header {
+# security and privacy header snippet
+(security_headers) {
+	header {
 		# disable FLoC tracking
 		Permissions-Policy interest-cohort=()

@ -41,4 +25,24 @@ header {

 		# keep referrer data off of HTTP connections
 		Referrer-Policy no-referrer-when-downgrade
+	}
+}
+
+# static file server
+miom.space {
+	import security_headers
+	root * /srv/miom.space
+	file_server
+
+	# caddys default is no access logs at all
+	# comment this block out for debugging
+	#log {
+	#        output file /var/log/caddy-access.log
+	#}
+}
+
+# redirect www. subdomain to apex (root) domain
+www.miom.space {
+	import security_headers
+	redir https://miom.space{uri}
 }