From 919fd44ab560c088362e9fce2fc29eb9feb202da Mon Sep 17 00:00:00 2001
From: bt90
Date: Thu, 13 Jan 2022 21:05:16 +0100
Subject: [PATCH 1/2] Add basic security headers

---
 docker/Caddyfile | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/docker/Caddyfile b/docker/Caddyfile
index 646a0e98..e1a38602 100644
--- a/docker/Caddyfile
+++ b/docker/Caddyfile
@@ -5,6 +5,20 @@

 # Dashboard
 https://dashboard.NETMAKER_BASE_DOMAIN {
+ # Apply basic security headers
+ header {
+ # Enable HTTP Strict Transport Security (HSTS)
+ Strict-Transport-Security "max-age=31536000;"
+ # Enable cross-site filter (XSS) and tell browser to block detected attacks
+ X-XSS-Protection "1; mode=block"
+ # Disallow the site to be rendered within a frame on a foreign domain (clickjacking protection)
+ X-Frame-Options "SAMEORIGIN"
+ # Prevent search engines from indexing
+ X-Robots-Tag "none"
+ # Remove the server name
+ -Server
+ }
 reverse_proxy http://127.0.0.1:8082
 }

@@ -16,4 +30,4 @@ https://api.NETMAKER_BASE_DOMAIN {
 # gRPC
 https://grpc.NETMAKER_BASE_DOMAIN {
 reverse_proxy h2c://127.0.0.1:50051
-}
\ No newline at end of file
+}

From 64c98d45ee9856e1b5e434239f4f1f042ca1d408 Mon Sep 17 00:00:00 2001
From: bt90
Date: Thu, 13 Jan 2022 21:09:38 +0100
Subject: [PATCH 2/2] Apply caddy fmt

---
 docker/Caddyfile | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/docker/Caddyfile b/docker/Caddyfile
index e1a38602..a43bf3e7 100644
--- a/docker/Caddyfile
+++ b/docker/Caddyfile
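Review bot: The `Strict-Transport-Security` value in the new dashboard `header` block carries a stray trailing `;` (`"max-age=31536000;"`), which leaves an empty directive after the separator; the well-formed form is `Strict-Transport-Security "max-age=31536000"`, and `includeSubDomains` is worth considering because the `api.` and `grpc.` hosts are subdomains that receive no HSTS header in this change. `X-XSS-Protection "1; mode=block"` enables a filter that current browsers no longer implement and that has known weaknesses in the older ones that do; the usual guidance today is `X-XSS-Protection "0"` (or omitting it) and relying on a `Content-Security-Policy` instead. The set is also missing the two headers normally paired with `X-Frame-Options`, `X-Content-Type-Options "nosniff"` and a `Referrer-Policy` such as `"strict-origin-when-cross-origin"`. Note that the block is attached only to the dashboard site, so responses from the `api.` and `grpc.` blocks further down in the file carry none of these headers.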
@@ -1,33 +1,33 @@
 {
- # LetsEncrypt account
- email YOUR_EMAIL
+ # LetsEncrypt account
+ email YOUR_EMAIL
 }

 # Dashboard
 https://dashboard.NETMAKER_BASE_DOMAIN {
- # Apply basic security headers
- header {
- # Enable HTTP Strict Transport Security (HSTS)
- Strict-Transport-Security "max-age=31536000;"
- # Enable cross-site filter (XSS) and tell browser to block detected attacks
- X-XSS-Protection "1; mode=block"
- # Disallow the site to be rendered within a frame on a foreign domain (clickjacking protection)
- X-Frame-Options "SAMEORIGIN"
- # Prevent search engines from indexing
- X-Robots-Tag "none"
- # Remove the server name
- -Server
- }
+ # Apply basic security headers
+ header {
+ # Enable HTTP Strict Transport Security (HSTS)
+ Strict-Transport-Security "max-age=31536000;"
+ # Enable cross-site filter (XSS) and tell browser to block detected attacks
+ X-XSS-Protection "1; mode=block"
+ # Disallow the site to be rendered within a frame on a foreign domain (clickjacking protection)
+ X-Frame-Options "SAMEORIGIN"
+ # Prevent search engines from indexing
+ X-Robots-Tag "none"
+ # Remove the server name
+ -Server
+ }

- reverse_proxy http://127.0.0.1:8082
+ reverse_proxy http://127.0.0.1:8082
 }

 # API
 https://api.NETMAKER_BASE_DOMAIN {
- reverse_proxy http://127.0.0.1:8081
+ reverse_proxy http://127.0.0.1:8081
 }

 # gRPC
 https://grpc.NETMAKER_BASE_DOMAIN {
- reverse_proxy h2c://127.0.0.1:50051
+ reverse_proxy h2c://127.0.0.1:50051
 }