From 23cb3bfeec41b28fc7ec5105f2ae39f150a18e48 Mon Sep 17 00:00:00 2001 From: Benoit Date: Fri, 11 Oct 2024 20:09:51 +0900 Subject: [PATCH] Add mastodon --- 03frontends.cfg | 6 ++++-- 05backends.cfg | 12 +++++++++++- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/03frontends.cfg b/03frontends.cfg index a482609..d71e296 100644 --- a/03frontends.cfg +++ b/03frontends.cfg @@ -289,14 +289,16 @@ frontend frontend_default http-request redirect prefix https://%[hdr(host),regsub(^www\.,,i)] code 301 if { hdr_beg(host) -i www. } acl letsencrypt path_beg /.well-known/acme-challenge/ - + acl laminar hdr(host) -i laminar.benoit.jp.net acl forgejo hdr(host) -i forgejo.benoit.jp.net + acl mastodon hdr(host) -i mastodon.benoit.jp.net #http-request deny if flux !JP !letsencrypt #http-request deny if dns !JP !SG !letsencrypt - + use_backend letsencrypt if letsencrypt use_backend laminar if laminar use_backend forgejo if forgejo + use_backend mastodon if mastodon default_backend default diff --git a/05backends.cfg b/05backends.cfg index 7786535..1f87bb1 100644 --- a/05backends.cfg +++ b/05backends.cfg @@ -23,4 +23,14 @@ backend forgejo http-response set-header X-Content-Type-Options "nosniff" http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin" - server laminar forgejo.incus:3000 check + server forgejo forgejo.incus:3000 check + +backend forgejo + # set HSTS for one year after all responses + http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" + # add some Security headers + http-response set-header X-Frame-Options "SAMEORIGIN" + http-response set-header X-Content-Type-Options "nosniff" + http-response set-header Referrer-Policy "strict-origin-when-cross-origin" + http-response set-header Cross-Origin-Resource-Policy "same-origin" + server mastodon mastodon.incus:80 send-proxy check