zino/docker-nginx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

m

Browse Source
This commit is contained in:
zino
2023-12-06 00:33:03 +01:00
parent c8e7eb665b
commit 82e27ef5e1
9 changed files with 16 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
volumes/conf.d/portainer.armos.zinomedia.de.conf
View File

@@ -9,19 +9,13 @@ server {
ssl_certificate /etc/letsencrypt/live/portainer.armos.zinomedia.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/portainer.armos.zinomedia.de/privkey.pem;
# SSL optimizations
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
include "snippets/ssl-optimizations.conf";
include "snippets/enable-vouch.conf";
location / {
resolver 127.0.0.11;
set $upstream "portainer:9000";
add_header Content-Security-Policy "font-src * data: blob: 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';" always;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;