server { listen 443 ssl; listen [::]:443 ssl; server_name element.{{ domain }}; location / { proxy_pass http://127.0.0.1:{{ ports['element'] }}; include /etc/nginx/snippets/ssl-headers.conf; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Content-Security-Policy "frame-ancestors 'none'"; } }