mirror of
https://github.com/dump-dvb/nix-config.git
synced 2024-06-14 03:46:59 +02:00
fix headers
This commit is contained in:
parent
46f3c8cf66
commit
82d5d9ae87
|
@ -23,9 +23,6 @@ in
|
|||
"api.${config.dump-dvb.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
extraConfig = ''
|
||||
add_header Access-Control-Allow-Origin: *;
|
||||
'';
|
||||
locations = {
|
||||
"/" = {
|
||||
proxyPass = with config.dump-dvb.api; "http://127.0.0.1:${toString port}/";
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
{ ... }: {
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.defaults.email = "dump-dvb@protonmail.com";
|
||||
services.nginx = {
|
||||
recommendedTlsSettings = true;
|
||||
recommendedOptimisation = true;
|
||||
recommendedGzipSettings = true;
|
||||
commonHttpConfig = ''
|
||||
{ pkgs, config, lib, ... }:
|
||||
let
|
||||
default-headers = ''
|
||||
# Permissions Policy - gps only
|
||||
add_header Permissions-Policy "geolocation=()";
|
||||
|
||||
|
@ -24,6 +19,19 @@
|
|||
|
||||
# STS
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
'';
|
||||
};
|
||||
'';
|
||||
data-hoarder-headers = if lib.hasSuffix "data-hoarder" config.networking.hostName then ''
|
||||
add_header Access-Control-Allow-Origin: *;
|
||||
'' else '''';
|
||||
headers = default-headers + data-hoarder-headers;
|
||||
in
|
||||
{
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.defaults.email = "dump-dvb@protonmail.com";
|
||||
services.nginx = {
|
||||
recommendedTlsSettings = true;
|
||||
recommendedOptimisation = true;
|
||||
recommendedGzipSettings = true;
|
||||
commonHttpConfig = headers;
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user