30 lines
761 B
Caddyfile
30 lines
761 B
Caddyfile
|
# Global options
|
||
|
{
|
||
|
email {{ caddy_email }}
|
||
|
}
|
||
|
|
||
|
# Common security response headers
|
||
|
(security-headers) {
|
||
|
header {
|
||
|
# disable Google FLoC tracking
|
||
|
Permissions-Policy interest-cohort=()
|
||
|
|
||
|
# enable HSTS
|
||
|
Strict-Transport-Security max-age=31536000
|
||
|
|
||
|
# disable clients from sniffing the media type
|
||
|
X-Content-Type-Options nosniff
|
||
|
|
||
|
# clickjacking protection: refuse to allow rendering this page
|
||
|
# in a frame, iframe, etc.
|
||
|
X-Frame-Options DENY
|
||
|
|
||
|
# keep referrer data off of HTTP connections
|
||
|
Referrer-Policy no-referrer-when-downgrade
|
||
|
}
|
||
|
}
|
||
|
|
||
|
# Import additional caddy config files in /etc/caddy/conf.d/
|
||
|
# Note: these are imported in lexical sort order!
|
||
|
import /etc/caddy/conf.d/*
|