diff --git a/volumes/conf.d/code.zinomedia.de.conf b/volumes/conf.d/code.zinomedia.de.conf index 3a72d3e..15c9b68 100644 --- a/volumes/conf.d/code.zinomedia.de.conf +++ b/volumes/conf.d/code.zinomedia.de.conf @@ -10,13 +10,13 @@ server { ssl_certificate_key /etc/letsencrypt/live/code.zinomedia.de/privkey.pem; # SSL Optimizations - #ssl_protocols TLSv1.2 TLSv1.3; - #ssl_session_cache shared:SSL:10m; - #ssl_session_timeout 10m; - #ssl_prefer_server_ciphers on; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + ssl_prefer_server_ciphers on; - #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - #add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:;" always; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:;" always; # Vouch # send all requests to the `/validate` endpoint for authorization diff --git a/volumes/conf.d/vouch.armos.zinomedia.de.conf b/volumes/conf.d/vouch.armos.zinomedia.de.conf index 298d04f..e14e259 100644 --- a/volumes/conf.d/vouch.armos.zinomedia.de.conf +++ b/volumes/conf.d/vouch.armos.zinomedia.de.conf @@ -10,11 +10,11 @@ server { ssl_certificate_key /etc/letsencrypt/live/vouch.armos.zinomedia.de/privkey.pem; # SSL Optimizations - #ssl_protocols TLSv1.2 TLSv1.3; - #ssl_session_cache shared:SSL:10m; - #ssl_session_timeout 10m; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; - #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; location / { #resolver 127.0.0.11;