From 5b959ef98fd63ab95a964beab398695af59cfd32 Mon Sep 17 00:00:00 2001
From: Benoit <forgejo@benoit.jp.net>
Date: Thu, 14 Nov 2024 21:38:15 +0900
Subject: [PATCH] Add Linkding

---
 03frontends.cfg |  4 +++-
 05backends.cfg  | 10 ++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/03frontends.cfg b/03frontends.cfg
index 5d37a15..4447afd 100644
--- a/03frontends.cfg
+++ b/03frontends.cfg
@@ -301,12 +301,14 @@ frontend frontend_default
   acl laminar hdr(host) -i laminar.benoit.jp.net
   acl forgejo hdr(host) -i forgejo.benoit.jp.net
   acl mastodon hdr(host) -i mastodon.benoit.jp.net
-  #http-request deny if flux !JP !letsencrypt
+  acl linkding hdr(host) -i linkding.benoit.jp.net
+  http-request deny if linkding !JP !letsencrypt
   #http-request deny if dns !JP !SG !letsencrypt
 
   use_backend letsencrypt if letsencrypt
   use_backend laminar if laminar
   use_backend forgejo if forgejo
   use_backend mastodon if mastodon
+  use_backend linkding if linkding
 
   default_backend default
diff --git a/05backends.cfg b/05backends.cfg
index ee972e8..e60ddae 100644
--- a/05backends.cfg
+++ b/05backends.cfg
@@ -34,3 +34,13 @@ backend mastodon
   http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
   http-response set-header Cross-Origin-Resource-Policy "same-origin"
   server mastodon mastodon.incus:80 send-proxy check
+
+backend linkding
+  # set HSTS for one year after all responses
+  http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+  # add some Security headers
+  http-response set-header X-Frame-Options "SAMEORIGIN"
+  http-response set-header X-Content-Type-Options "nosniff"
+  http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
+  http-response set-header Cross-Origin-Resource-Policy "same-origin"
+  server linkding linkding.incus:9090 check