feat: add http security headers to caddyfile
This commit is contained in:
@@ -1,30 +1,36 @@
|
||||
{
|
||||
auto_https off
|
||||
admin off
|
||||
auto_https off
|
||||
admin off
|
||||
}
|
||||
|
||||
:80 {
|
||||
encode zstd gzip
|
||||
encode zstd gzip
|
||||
|
||||
handle /mcp {
|
||||
reverse_proxy 127.0.0.1:3001
|
||||
}
|
||||
header {
|
||||
X-Frame-Options "SAMEORIGIN"
|
||||
X-Content-Type-Options "nosniff"
|
||||
Referrer-Policy "strict-origin-when-cross-origin"
|
||||
}
|
||||
|
||||
@app path / /api/*
|
||||
handle @app {
|
||||
reverse_proxy 127.0.0.1:3000
|
||||
}
|
||||
handle /mcp {
|
||||
reverse_proxy 127.0.0.1:3001
|
||||
}
|
||||
|
||||
handle {
|
||||
root * /srv/public
|
||||
@app path / /api/*
|
||||
handle @app {
|
||||
reverse_proxy 127.0.0.1:3000
|
||||
}
|
||||
|
||||
@html path /index.html /d/* /p/*
|
||||
header @html Cache-Control "no-cache"
|
||||
handle {
|
||||
root * /srv/public
|
||||
|
||||
@assets path_regexp assets \.(?:css|js|mjs|svg|png|jpg|jpeg|gif|webp|ico|woff2?|ttf|otf)$
|
||||
header @assets Cache-Control "public, max-age=31536000, immutable"
|
||||
@html path /index.html /d/* /p/*
|
||||
header @html Cache-Control "no-cache"
|
||||
|
||||
try_files {path} /index.html
|
||||
file_server
|
||||
}
|
||||
@assets path_regexp assets \.(?:css|js|mjs|svg|png|jpg|jpeg|gif|webp|ico|woff2?|ttf|otf)$
|
||||
header @assets Cache-Control "public, max-age=31536000, immutable"
|
||||
|
||||
try_files {path} /index.html
|
||||
file_server
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user