Update example caddy file

2022-05-03 19:17:23 +01:00 · 2022-05-03 19:17:23 +01:00 · ef8ca26c5c
parent c6b0387cc8
commit ef8ca26c5c
1 changed files with 23 additions and 18 deletions
--- a/caddy.example.conf
+++ b/caddy.example.conf
@ -1,23 +1,28 @@
-# Caddy configuration file for running epicyon on example.com
+# Example configuration file for running Caddy2 in front of Epicyon

-example.com {
-  tls {
-    # Valid values are rsa2048, rsa4096, rsa8192, p256, and p384.
-    # Default is currently p256.
-    key_type p384
-  }
-  header / Strict-Transport-Security "max-age=31556925"
-  header / X-Content-Type-Options "nosniff"
-  header / X-Download-Options "noopen"
-  header / X-Frame-Options "DENY"
-  header / X-Permitted-Cross-Domain-Policies "none"
-  header / X-Robots-Tag "noindex"
-  header / X-XSS-Protection "1; mode=block"
+YOUR_DOMAIN {
+  tls USER@YOUR_DOMAIN

-  proxy / http://localhost:7156 {
-    transparent
-    timeout 10800s
+  header {
+    Strict-Transport-Security "max-age=31556925"
+    Content-Security-Policy "default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'"
+    X-Content-Type-Options "nosniff"
+    X-Download-Options "noopen"
+    X-Frame-Options "DENY"
+    X-Permitted-Cross-Domain-Policies "none"
+    X-XSS-Protection "1; mode=block"
  }
+
+  route /newsmirror/* {
+    root * /var/www/YOUR_DOMAIN
+    file_server
+  }
+
+  route /* {
+    reverse_proxy http://127.0.0.1:7156
+  }
+
+  encode zstd gzip
 }

-# eof
+# eof