76 lines
3.5 KiB
INI
76 lines
3.5 KiB
INI
# Backends
|
|
backend default
|
|
tcp-request content reject
|
|
|
|
backend letsencrypt
|
|
server certbot 127.0.0.1:8899
|
|
|
|
backend laminar
|
|
# set HSTS for one year after all responses
|
|
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
# add some Security headers
|
|
http-response set-header X-Frame-Options "SAMEORIGIN"
|
|
http-response set-header X-Content-Type-Options "nosniff"
|
|
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
|
|
http-response set-header Cross-Origin-Resource-Policy "same-origin"
|
|
server laminar laminar.incus:8080 check
|
|
|
|
backend forgejo
|
|
# set HSTS for one year after all responses
|
|
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
# add some Security headers
|
|
http-response set-header X-Frame-Options "SAMEORIGIN"
|
|
http-response set-header X-Content-Type-Options "nosniff"
|
|
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
|
|
http-response set-header Cross-Origin-Resource-Policy "same-origin"
|
|
server forgejo forgejo.incus:3000 check
|
|
|
|
backend mastodon
|
|
# set HSTS for one year after all responses
|
|
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
# add some Security headers
|
|
http-response set-header X-Frame-Options "SAMEORIGIN"
|
|
http-response set-header X-Content-Type-Options "nosniff"
|
|
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
|
|
http-response set-header Cross-Origin-Resource-Policy "same-origin"
|
|
server mastodon mastodon2.incus:80 send-proxy check
|
|
|
|
backend linkding
|
|
# set HSTS for one year after all responses
|
|
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
# add some Security headers
|
|
http-response set-header X-Frame-Options "SAMEORIGIN"
|
|
http-response set-header X-Content-Type-Options "nosniff"
|
|
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
|
|
http-response set-header Cross-Origin-Resource-Policy "same-origin"
|
|
server linkding linkding.incus:9090 check
|
|
|
|
backend archive
|
|
# set HSTS for one year after all responses
|
|
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
# add some Security headers
|
|
http-response set-header X-Frame-Options "SAMEORIGIN"
|
|
http-response set-header X-Content-Type-Options "nosniff"
|
|
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
|
|
http-response set-header Cross-Origin-Resource-Policy "same-origin"
|
|
server archive archive.incus:80 check
|
|
|
|
backend adguard
|
|
# set HSTS for one year after all responses
|
|
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
# add some Security headers
|
|
http-response set-header X-Frame-Options "SAMEORIGIN"
|
|
http-response set-header X-Content-Type-Options "nosniff"
|
|
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
|
|
http-response set-header Cross-Origin-Resource-Policy "same-origin"
|
|
server adguard adguard.incus:3000 check
|
|
|
|
backend vaultwarden
|
|
# set HSTS for one year after all responses
|
|
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
# add some Security headers
|
|
http-response set-header X-Frame-Options "SAMEORIGIN"
|
|
http-response set-header X-Content-Type-Options "nosniff"
|
|
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
|
|
http-response set-header Cross-Origin-Resource-Policy "same-origin"
|
|
server vaultwarden vaultwarden.incus:80 check
|