🗃️ Committing everything that changed 🗃️

2025-09-18 21:57:41 -04:00 · 2022-10-20 19:46:15 -04:00
parent cbdd2f900f
commit c3af8d957d
51 changed files with 973 additions and 339 deletions
--- a/rootfs/usr/local/share/template-files/config/nginx/nginx.conf
+++ b/rootfs/usr/local/share/template-files/config/nginx/nginx.conf
@@ -0,0 +1,65 @@
+# Default nginx configuration
+user                   root;
+worker_processes       1;
+
+error_log              /dev/stderr warn;
+pid                    /tmp/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include            /etc/nginx/mime.types;
+    default_type       application/octet-stream;
+    log_format         main  '$remote_addr - $remote_user [$time_local] "$request" '
+                       '$status $body_bytes_sent "$http_referer" '
+                       '"$http_user_agent" "$http_x_forwarded_for"';
+    access_log         /var/log/nginx/access.log  main;
+    sendfile           on;
+    keepalive_timeout  65;
+    gzip               on;
+    map                $http_upgrade $connection_upgrade { default upgrade; '' close; }
+
+    server {
+        listen                               SERVER_PORT;
+        root                                 /data/htdocs/www;
+        index                                index.html index.php index.cgi index.pl index.aspx awstats.pl index.unknown.php index.default.php index.txt index.json;
+        proxy_intercept_errors               off;
+        add_header X-Frame-Options           "SAMEORIGIN" always;
+        add_header X-XSS-Protection          "1; mode=block" always;
+        add_header X-Content-Type-Options    "nosniff" always;
+        add_header Referrer-Policy           "no-referrer-when-downgrade" always;
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+        add_header Content-Security-Policy   "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
+
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+    
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+    
+        location /nginx_status {
+            stub_status;
+        }
+    
+        location /health {
+            default_type text/html;
+            allow all;
+            access_log off;
+            return 200 'OK';
+        }
+    
+        location /health.json {
+            default_type application/json;
+            allow all;
+            access_log off;
+            return 200 '{"status":"OK"}';
+        }
+    }
+}