gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-02-26 09:02:57 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #605 from bt90/patch-1

Browse source 
Add basic security headers
This commit is contained in:
dcarns 2022-01-14 08:55:41 -05:00 committed by GitHub
commit 78df049472
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
docker/Caddyfile
View file

@ -1,19 +1,33 @@
{ {
# LetsEncrypt account # LetsEncrypt account
email YOUR_EMAIL email YOUR_EMAIL
} }
# Dashboard # Dashboard
https://dashboard.NETMAKER_BASE_DOMAIN { https://dashboard.NETMAKER_BASE_DOMAIN {
reverse_proxy http://127.0.0.1:8082 # Apply basic security headers
header {
# Enable HTTP Strict Transport Security (HSTS)
Strict-Transport-Security "max-age=31536000;"
# Enable cross-site filter (XSS) and tell browser to block detected attacks
X-XSS-Protection "1; mode=block"
# Disallow the site to be rendered within a frame on a foreign domain (clickjacking protection)
X-Frame-Options "SAMEORIGIN"
# Prevent search engines from indexing
X-Robots-Tag "none"
# Remove the server name
-Server
}
reverse_proxy http://127.0.0.1:8082
} }
# API # API
https://api.NETMAKER_BASE_DOMAIN { https://api.NETMAKER_BASE_DOMAIN {
reverse_proxy http://127.0.0.1:8081 reverse_proxy http://127.0.0.1:8081
} }
# gRPC # gRPC
https://grpc.NETMAKER_BASE_DOMAIN { https://grpc.NETMAKER_BASE_DOMAIN {
reverse_proxy h2c://127.0.0.1:50051 reverse_proxy h2c://127.0.0.1:50051
} }