mirror of
https://github.com/dump-dvb/nix-config.git
synced 2024-06-15 04:16:57 +02:00
better nginx defaults
This commit is contained in:
parent
58c10b5935
commit
a6602f815b
|
@ -124,6 +124,7 @@
|
|||
./modules/numbering.nix
|
||||
./modules/grafana.nix
|
||||
./modules/website.nix
|
||||
./modules/documentation.nix
|
||||
{
|
||||
nixpkgs.overlays = [
|
||||
data-accumulator.overlay."x86_64-linux"
|
||||
|
|
|
@ -1,7 +1,11 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.email = "dump-dvb@protonmail.com";
|
||||
services.nginx.commonHttpConfig = ''
|
||||
services.nginx = {
|
||||
recommendedTlsSettings = true;
|
||||
recommendedOptimisation = true;
|
||||
recommendedGzipSettings = true;
|
||||
commonHttpConfig = ''
|
||||
# Enable CSP for your services.
|
||||
#add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
|
||||
|
||||
|
@ -17,5 +21,6 @@
|
|||
# Enable XSS protection of the browser.
|
||||
# May be unnecessary when CSP is configured properly (see above)
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
'';
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user