Nixius
/
lucky-ddg
forked from colin/resume
2
0
Fork 0
Code Pull Requests Activity

Delete docker/resume/nginx.conf

This commit is contained in:
colin 2025-02-09 14:13:36 -05:00
parent 92a298c487
commit df315f1678
1 changed files with 0 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
docker/resume/nginx.conf
View File

@ -1,53 +0,0 @@
# Use $request_id as a pseudo-nonce for Content Security Policy (CSP)
map $request_id $nonce {
default "$request_id";
}
server {
listen 8080;
root /usr/share/nginx/html;
index resume.html;
# Security headers
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Permissions-Policy "camera=(), microphone=(), geolocation=(), accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()" always;
# Updated Content Security Policy (CSP) with 'unsafe-inline' temporarily for style-src
add_header Content-Security-Policy "
default-src 'none';
script-src 'self' 'nonce-$nonce' https://matomo.nixc.us https://gist.github.com https://assets-cdn.github.com;
style-src 'self' 'nonce-$nonce' https://colinknapp.com https://getbootstrap.com https://fonts.googleapis.com 'unsafe-inline';
img-src 'self' https://matomo.nixc.us https://colinknapp.com https://hedgedoc.nixc.us https://assets-cdn.github.com https://github.com https://forkaweso.me https://ionicons.com https://twitter.com data:;
font-src 'self' https://fonts.gstatic.com https://github.com https://forkaweso.me data:;
connect-src 'self' https://matomo.nixc.us;
frame-ancestors 'self';
base-uri 'self';
form-action 'self';
" always;
# Cross-origin isolation headers
add_header Cross-Origin-Embedder-Policy "require-corp" always;
add_header Cross-Origin-Resource-Policy "same-origin" always;
add_header Cross-Origin-Opener-Policy "same-origin" always;
# Apply CORP header for the apple-touch-icon to allow cross-origin access
location /icons/apple-touch-icon.png {
add_header Cross-Origin-Resource-Policy "cross-origin";
}
# Use sub_filter to inject the nonce into inline <script> and <style> tags automatically
sub_filter '<script>' '<script nonce="$nonce">';
sub_filter '<style>' '<style nonce="$nonce">';
sub_filter_once off;
sub_filter_types text/html;
# Redirect demo.hedgedoc.org resources to hedgedoc.nixc.us
sub_filter "https://demo.hedgedoc.org" "https://hedgedoc.nixc.us";
location / {
try_files $uri $uri/ =404;
}
}