task | config w1 to run caddy

This commit is contained in:
Don Harper 2024-12-26 08:52:43 -06:00
parent ced514f3b5
commit ec04e078e6
34 changed files with 525 additions and 83 deletions

84
hosts/w1/caddy/Caddyfile Normal file
View file

@ -0,0 +1,84 @@
w1.duckland.org {
tls duck@duckland.org
root * /srv/duckland
encode gzip
file_server
header / {
Content-Security-Policy = "upgrade-insecure-requests; default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; object-src 'self'; worker-src 'self'; manifest-src 'self';"
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
X-Xss-Protection = "1; mode=block"
X-Frame-Options = "DENY"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "strict-origin-when-cross-origin"
Permissions-Policy = "fullscreen=(self)"
cache-control = "max-age=0,no-cache,no-store,must-revalidate"
}
}
w1.donharper.org {
tls duck@duckland.org
root * /srv/donharper
encode gzip
file_server
header / {
Content-Security-Policy = "upgrade-insecure-requests; default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; object-src 'self'; worker-src 'self'; manifest-src 'self';"
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
X-Xss-Protection = "1; mode=block"
X-Frame-Options = "DENY"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "strict-origin-when-cross-origin"
Permissions-Policy = "fullscreen=(self)"
cache-control = "max-age=0,no-cache,no-store,must-revalidate"
}
}
w1.donaldharper.com {
tls duck@duckland.org
root * /srv/donaldharper
encode gzip
file_server
header / {
Content-Security-Policy = "upgrade-insecure-requests; default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; object-src 'self'; worker-src 'self'; manifest-src 'self';"
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
X-Xss-Protection = "1; mode=block"
X-Frame-Options = "DENY"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "strict-origin-when-cross-origin"
Permissions-Policy = "fullscreen=(self)"
cache-control = "max-age=0,no-cache,no-store,must-revalidate"
}
}
travel.donaldharper.com {
tls duck@duckland.org
root * /srv/travel
encode gzip
file_server
header / {
Content-Security-Policy = "upgrade-insecure-requests; default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; object-src 'self'; worker-src 'self'; manifest-src 'self';"
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
X-Xss-Protection = "1; mode=block"
X-Frame-Options = "DENY"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "strict-origin-when-cross-origin"
Permissions-Policy = "fullscreen=(self)"
cache-control = "max-age=0,no-cache,no-store,must-revalidate"
}
}
p365.donaldharper.com {
tls duck@duckland.org
root * /srv/p365
encode gzip
file_server
header / {
Content-Security-Policy = "upgrade-insecure-requests; default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; object-src 'self'; worker-src 'self'; manifest-src 'self';"
Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
X-Xss-Protection = "1; mode=block"
X-Frame-Options = "DENY"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "strict-origin-when-cross-origin"
Permissions-Policy = "fullscreen=(self)"
cache-control = "max-age=0,no-cache,no-store,must-revalidate"
}
}