Add miniflux

03frontends.cfg

@@ -310,11 +310,13 @@ frontend frontend_default
   acl laminar hdr(host) -i laminar.benoit.jp.net
   acl linkding hdr(host) -i linkding.benoit.jp.net
   acl mastodon hdr(host) -i mastodon.benoit.jp.net
+  acl miniflux hdr(host) -i miniflux.benoit.jp.net
   acl photoprism hdr(host) -i photoprism.benoit.jp.net
   acl vaultwarden hdr(host) -i vaultwarden.benoit.jp.net
 
   http-request deny if adguard !JP !SG !letsencrypt
   http-request deny if kanboard !JP !SG !letsencrypt
+  http-request deny if miniflux !JP !SG !letsencrypt
   http-request deny if photoprism !JP !SG !letsencrypt
   http-request deny if vaultwarden !JP !SG !letsencrypt
 
@@ -326,6 +328,7 @@ frontend frontend_default
   use_backend letsencrypt if letsencrypt
   use_backend linkding if linkding
   use_backend mastodon if mastodon
+  use_backend miniflux if miniflux
   use_backend photoprism if photoprism
   use_backend vaultwarden if vaultwarden
 

05backends.cfg

@@ -94,3 +94,13 @@ backend photoprism
   http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
   http-response set-header Cross-Origin-Resource-Policy "same-origin"
   server photoprism photoprism.incus:2342 check
+
+backend miniflux
+  # set HSTS for one year after all responses
+  http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+  # add some Security headers
+  http-response set-header X-Frame-Options "SAMEORIGIN"
+  http-response set-header X-Content-Type-Options "nosniff"
+  http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
+  http-response set-header Cross-Origin-Resource-Policy "same-origin"
+  server miniflux miniflux.incus:8080 check