~deimos/searxng-iceland

70094ee11c17c88b9bde81ab7dff1384200996df — andrew a month ago ca7390e
revert caddyfile format
1 files changed, 56 insertions(+), 0 deletions(-)

M caddyfile
M caddyfile => caddyfile +56 -0
@@ 1,1 1,57 @@
(common_opts) {
	encode zstd gzip

  # zerossl config
  tls { 
	import zerossl-api
	}
#  tls hostmaster@searx.is

	header {
		# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

		# Enable cross-site filter (XSS) and tell browser to block detected attacks
		X-XSS-Protection "1; mode=block"

		# Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
		X-Content-Type-Options nosniff

		# Disallow the site to be rendered within a frame (clickjacking protection)
		X-Frame-Options SAMEORIGIN

		# Disable some features
		Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()"

		# Disable some features (legacy)
		Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"

		# Referer
		Referrer-Policy "no-referrer"

		# X-Robots-Tag
		X-Robots-Tag "noindex, noarchive, nofollow"

		# Remove Server header
		-Server

		# Allow caching up to a week
		Cache-Control max-age=31536000
	}
}

searx.is {
	reverse_proxy localhost:8080
	import common_opts
}

docs.searx.is {
	root * /public_html
	file_server
	import common_opts
}

nostr.searx.is {
  reverse_proxy localhost:7000
  import common_opts
}