nginx-rp: Update headers
This commit is contained in:
parent
8b7e1fa475
commit
efc9f117f9
1 changed files with 16 additions and 5 deletions
|
@ -23,7 +23,7 @@ http {
|
||||||
default_type application/octet-stream;
|
default_type application/octet-stream;
|
||||||
|
|
||||||
# Logging
|
# Logging
|
||||||
log_not_found on;
|
# log_not_found on;
|
||||||
# access_log /var/log/nginx/access.log;
|
# access_log /var/log/nginx/access.log;
|
||||||
# error_log /var/log/nginx/error.log warn;
|
# error_log /var/log/nginx/error.log warn;
|
||||||
|
|
||||||
|
@ -68,10 +68,6 @@ http {
|
||||||
proxy_set_header X-Forwarded-Scheme $scheme;
|
proxy_set_header X-Forwarded-Scheme $scheme;
|
||||||
proxy_set_header Accept-Encoding "";
|
proxy_set_header Accept-Encoding "";
|
||||||
|
|
||||||
# Websocket
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
|
||||||
proxy_set_header Connection $connection_upgrade;
|
|
||||||
|
|
||||||
# The `upstream` directives ensure that you have a http/1.1 connection
|
# The `upstream` directives ensure that you have a http/1.1 connection
|
||||||
# This enables the keepalive option and better performance
|
# This enables the keepalive option and better performance
|
||||||
|
@ -135,6 +131,11 @@ http {
|
||||||
|
|
||||||
add_header Set-Cookie "Path=/; HttpOnly; Secure";
|
add_header Set-Cookie "Path=/; HttpOnly; Secure";
|
||||||
|
|
||||||
|
# Websocket
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection $connection_upgrade;
|
||||||
|
|
||||||
client_body_buffer_size 512k;
|
client_body_buffer_size 512k;
|
||||||
proxy_read_timeout 86400s;
|
proxy_read_timeout 86400s;
|
||||||
client_max_body_size 0;
|
client_max_body_size 0;
|
||||||
|
@ -152,6 +153,11 @@ http {
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://vaultwarden-default;
|
proxy_pass http://vaultwarden-default;
|
||||||
|
|
||||||
|
# Websocket
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection $connection_upgrade;
|
||||||
|
|
||||||
client_max_body_size 525M;
|
client_max_body_size 525M;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -166,6 +172,11 @@ http {
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://127.0.0.1:8083;
|
proxy_pass http://127.0.0.1:8083;
|
||||||
|
|
||||||
|
add_header Strict-Transport-Security "max-age=31536000" always;
|
||||||
|
add_header Set-Cookie "Path=/; HttpOnly; Secure";
|
||||||
|
# Disable some features
|
||||||
|
add_header Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue