From f478bb0664d024dee679b86cdc73762363606b8a Mon Sep 17 00:00:00 2001 From: Aevann Date: Fri, 28 Jul 2023 02:56:35 +0300 Subject: [PATCH] move includes to the repo --- docker-compose.yml | 4 ++-- includes/headers | 6 ++++++ nginx-serve-static.conf => includes/serve-static | 0 nginx-headers.conf | 6 ------ 4 files changed, 8 insertions(+), 8 deletions(-) create mode 100644 includes/headers rename nginx-serve-static.conf => includes/serve-static (100%) delete mode 100644 nginx-headers.conf diff --git a/docker-compose.yml b/docker-compose.yml index a2f35ea3c..6306c259e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,8 +6,8 @@ services: volumes: - "./:/d" - "./nginx.conf:/etc/nginx/sites-enabled/1" - - "./nginx-serve-static.conf:/etc/nginx/includes/serve-static" - - "./nginx-headers.conf:/etc/nginx/includes/headers" + - "./includes/serve-static:/etc/nginx/includes/serve-static" + - "./includes/headers:/etc/nginx/includes/headers" links: - "redis" - "postgres" diff --git a/includes/headers b/includes/headers new file mode 100644 index 000000000..c934843c7 --- /dev/null +++ b/includes/headers @@ -0,0 +1,6 @@ +add_header Referrer-Policy "same-origin"; +add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; +add_header X-Frame-Options "deny"; +add_header X-Content-Type-Options "nosniff"; +add_header Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; frame-ancestors 'none'; form-action 'self'; manifest-src 'self'; worker-src 'self'; base-uri 'self'; font-src 'self'; style-src-elem 'self'; style-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; script-src-elem 'self' challenges.cloudflare.com; script-src-attr 'none'; script-src 'self' challenges.cloudflare.com; media-src 'self' https:; img-src 'self' https: data:; frame-src challenges.cloudflare.com www.youtube-nocookie.com platform.twitter.com rumble.com player.twitch.tv; connect-src 'self' videos.watchpeopledie.tv use1.fptls.com use1.fptls3.com api.fpjs.io;"; +add_header Cross-Origin-Opener-Policy "same-origin"; diff --git a/nginx-serve-static.conf b/includes/serve-static similarity index 100% rename from nginx-serve-static.conf rename to includes/serve-static diff --git a/nginx-headers.conf b/nginx-headers.conf deleted file mode 100644 index 3c334db66..000000000 --- a/nginx-headers.conf +++ /dev/null @@ -1,6 +0,0 @@ -add_header Referrer-Policy "same-origin"; -add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; -add_header X-Frame-Options "deny"; -add_header X-Content-Type-Options "nosniff"; -add_header Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; form-action 'self'; manifest-src 'self'; worker-src 'self'; base-uri 'self'; font-src 'self'; style-src-elem 'self'; style-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; script-src-elem 'self' challenges.cloudflare.com; script-src-attr 'none'; script-src 'self' challenges.cloudflare.com; media-src 'self' https:; img-src 'self' https: data:; frame-src challenges.cloudflare.com www.youtube-nocookie.com platform.twitter.com rumble.com player.twitch.tv; connect-src 'self' use1.fptls.com use1.fptls3.com api.fpjs.io;"; -add_header Cross-Origin-Opener-Policy "same-origin";