summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPatrick Spek <p.spek@tyil.nl>2022-05-26 23:33:26 +0200
committerPatrick Spek <p.spek@tyil.nl>2022-05-26 23:33:26 +0200
commit1b744c70f2a3f591392e0a362874aa6f55c1fe5c (patch)
treec8a038d5992f494c658935152e0eb3358a1a73fa
parentddf102d577a74b9b1ca51f2e95e3ee358f1565ca (diff)
Add exception for security headers for git.tyil.nl
-rw-r--r--playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.git6
1 files changed, 5 insertions, 1 deletions
diff --git a/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.git b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.git
index 65d1bb9..650b55c 100644
--- a/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.git
+++ b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.git
@@ -8,9 +8,13 @@ server {
ssl_certificate_key /etc/letsencrypt/live/git.tyil.nl/privkey.pem;
include /etc/nginx/snippets.d/certbot.conf;
- include /etc/nginx/snippets.d/headers.conf;
include /etc/nginx/snippets.d/ssl.conf;
+ add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'" always;
+ add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+ add_header X-Content-Type-Options "nosniff" always;
+ add_header X-Frame-Options "SAMEORIGIN" always;
+
root /usr/share/webapps/cgit/1.2.3-r100/htdocs;
location / {