bastian/deploy_home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added https parts site, video site, fixed modsecurity

Browse Source
This commit is contained in:
Bastian de Byl
2022-04-12 01:15:51 -04:00
parent 232b28a647
commit 9fbe473e3c
22 changed files with 193 additions and 246 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ansible/roles/http/templates/nginx/sites/ci.bdebyl.net.https.conf.j2
View File

@@ -3,6 +3,9 @@ upstream drone {
}
server {
modsecurity on;
modsecurity_rules_file {{ nginx_path }}/modsec_includes.conf;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name {{ ci_server_name }};
@@ -22,9 +25,6 @@ server {
ssl_stapling_verify on;
location / {
modsecurity on;
modsecurity_rules_file {{ nginx_path }}/modsec_includes.conf;
add_header Allow "GET, POST, HEAD" always;
add_header Content-Security-Policy "default-src 'self'; img-src 'self' https://*.githubusercontent.com; frame-ancestors 'self'; base-uri 'none',base-uri 'self'; form-action 'self'" always;
add_header Referrer-Policy "same-origin" always;