-
-
Notifications
You must be signed in to change notification settings - Fork 128
/
nginx.conf
43 lines (36 loc) · 1.84 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
server {
listen 8080;
root /usr/share/nginx/html;
server_tokens off;
charset utf-8;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
location /healthz {
return 200;
}
location / {
index index.html index.htm;
# Redirect HTTP requests to HTTPS.
if ($http_x_forwarded_proto = "http") {
return 301 https://$host$request_uri;
}
expires 7d;
add_header Cache-Control "public";
add_header Strict-Transport-Security "max-age=31536000;";
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header NEL '{"report_to":"default","max_age":2592000}';
add_header Report-To '{"group":"default","max_age":10886400,"endpoints":[{"url":"https://reportd.natwelch.com/report/resume"}]}';
add_header Content-Security-Policy "default-src 'none'; img-src 'self' https://fonts.gstatic.com https://icco.imgix.net https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://unpkg.com https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' https://unpkg.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com https://reportd.natwelch.com; frame-ancestors 'none'; base-uri 'none'; form-action 'none'; report-uri https://reportd.natwelch.com/report/resume; report-to default";
add_header Referrer-Policy "no-referrer";
add_header Reporting-Endpoints "default=\"https://reportd.natwelch.com/reporting/resume\"";
}
}