galaxy-caddy/templates/http.caddy.j2

35 lines
872 B
Django/Jinja

{{ test_url }} {
{% if test_acme %}
header / {
# Enable HTTP Strict Transport Security (HSTS) to force clients to always
# connect via HTTPS (do not use if only testing)
Strict-Transport-Security "max-age=31536000;"
# Enable cross-site filter (XSS) and tell browser to block detected attacks
X-XSS-Protection "1; mode=block"
# Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
X-Content-Type-Options "nosniff"
# Disallow the site to be rendered within a frame (clickjacking protection)
X-Frame-Options "DENY"
}
{% else %}
tls internal
{% endif %}
log {
output file {{ caddy_logs }}/{{ test_name }}/vhost.log
}
root * {{ test_code }}
file_server
encode zstd gzip
}
{% if test_www %}
www.{{ test_url }} {
redir https://{{ test_url }}
}
{% endif %}