From ef8ca26c5c702915685f6df5ce40a4a87b0be867 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@libreserver.org>
Date: Tue, 3 May 2022 19:17:23 +0100
Subject: [PATCH] Update example caddy file

---
 caddy.example.conf | 41 +++++++++++++++++++++++------------------
 1 file changed, 23 insertions(+), 18 deletions(-)

diff --git a/caddy.example.conf b/caddy.example.conf
index 615501443..3efed5a76 100644
--- a/caddy.example.conf
+++ b/caddy.example.conf
@@ -1,23 +1,28 @@
-# Caddy configuration file for running epicyon on example.com
+# Example configuration file for running Caddy2 in front of Epicyon
 
-example.com {
-  tls {
-    # Valid values are rsa2048, rsa4096, rsa8192, p256, and p384.
-    # Default is currently p256.
-    key_type p384
-  }
-  header / Strict-Transport-Security "max-age=31556925"
-  header / X-Content-Type-Options "nosniff"
-  header / X-Download-Options "noopen"
-  header / X-Frame-Options "DENY"
-  header / X-Permitted-Cross-Domain-Policies "none"
-  header / X-Robots-Tag "noindex"
-  header / X-XSS-Protection "1; mode=block"
+YOUR_DOMAIN {
+  tls USER@YOUR_DOMAIN
 
-  proxy / http://localhost:7156 {
-    transparent
-    timeout 10800s
+  header {
+    Strict-Transport-Security "max-age=31556925"
+    Content-Security-Policy "default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'"
+    X-Content-Type-Options "nosniff"
+    X-Download-Options "noopen"
+    X-Frame-Options "DENY"
+    X-Permitted-Cross-Domain-Policies "none"
+    X-XSS-Protection "1; mode=block"
   }
+
+  route /newsmirror/* {
+    root * /var/www/YOUR_DOMAIN
+    file_server
+  }
+
+  route /* {
+    reverse_proxy http://127.0.0.1:7156
+  }
+
+  encode zstd gzip
 }
 
-# eof
+# eof
\ No newline at end of file