sheppy/no-secrets-athq-ansible
1
0
Fork 0
mirror of https://github.com/FAUSheppy/no-secrets-athq-ansible synced 2025-12-10 03:48:33 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: add nextcloud fixes

Browse Source
This commit is contained in:
Johnathen Sheppard
2024-12-23 11:39:47 +00:00
parent 8ae4246c6b
commit bb89e764c1
5 changed files with 395 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
roles/nextcloud/templates/nginx-nextcloud.conf
View File

@@ -4,7 +4,8 @@ server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
@@ -101,6 +102,8 @@ server {
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
@@ -110,7 +113,7 @@ server {
# Adding the cache control header for js, css and map files
# Make sure it is BELOW the PHP block
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
location ~ \.(?:css|mjs|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
@@ -118,6 +121,7 @@ server {
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
# Optional: Don't log access to assets
access_log off;