blob: 82a9877bd1c251ee418e68a1bf4f6e70b410dce5 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
server.modules += ( "mod_cgi", "mod_rewrite", "mod_openssl", "mod_setenv" )
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/certs/fullchain1.pem"
ssl.privkey = "/etc/certs/privkey1.pem"
setenv.add-response-header = (
"Strict-Transport-Security"=>"max-age=63072000; includeSubdomains",
"X-Frame-Options"=>"DENY",
"X-XSS-Protection"=>"1; mode=block",
"X-Content-Type-Options" => "nosniff",
"Content-Security-Policy" => "script-src 'self'; object-src 'self'",
"X-Permitted-Cross-Domain-Policies" => "none",
"Referrer-Policy" => "no-referrer")
server.name = "git.terminaldweller.com"
server.document-root = "/usr/share/webapps/cgit/"
index-file.names = ( "cgit.cgi" )
cgi.assign = ( "cgit.cgi" => "" )
mimetype.assign = ( ".css" => "text/css" )
url.rewrite-once = (
"^/cgit/cgit.css" => "/cgit.css",
"^/cgit/cgit.png" => "/cgit.png",
"^/([^?/]+/[^?]*)?(?:\?(.*))?$" => "/cgit.cgi?url=$1&$2",
)
}
|