diff --git a/configs/nginx.conf b/configs/nginx.conf index ff8bcaf..5190162 100644 --- a/configs/nginx.conf +++ b/configs/nginx.conf @@ -1,26 +1,26 @@ server { - listen 443 ssl http2; - listen 8094; # Tor - listen 127.0.0.1:8114; # I2P + listen 443 ssl http2; + listen 8094; # Tor + listen 127.0.0.1:8114; # I2P - server_name upload.arav.top upload.arav.i2p; - access_log /var/log/nginx/dwelling/upload.log main if=$nolog; + server_name upload.arav.top upload.arav.i2p; + access_log /var/log/nginx/dwelling/upload.log main if=$nolog; - ssl_certificate /etc/letsencrypt/live/arav.top/fullchain.pem; + ssl_certificate /etc/letsencrypt/live/arav.top/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/arav.top/privkey.pem; - add_header Content-Security-Policy "default-src 'self'; script-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self'; media-src 'self'; object-src 'none'; frame-src 'none'; frame-ancestors 'none'; font-src 'self'; form-action 'self'"; - add_header X-Frame-Options "DENY"; - add_header X-Content-Type-Options "nosniff"; - add_header X-XSS-Protection "1; mode=block"; - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; + add_header Content-Security-Policy "default-src 'self'; script-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self'; media-src 'self'; object-src 'none'; frame-src 'none'; frame-ancestors 'none'; font-src 'self'; form-action 'self'"; + add_header X-Frame-Options "DENY"; + add_header X-Content-Type-Options "nosniff"; + add_header X-XSS-Protection "1; mode=block"; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; # add_header Onion-Location "http://.onion$request_uri"; - location / { - proxy_pass http://unix:/tmp/dwelling-upload.sock; - proxy_set_header X-Real-IP $remote_addr; - proxy_buffering off; - } + location / { + proxy_pass http://unix:/tmp/dwelling-upload.sock; + proxy_set_header X-Real-IP $remote_addr; + proxy_buffering off; + } }