summaryrefslogtreecommitdiffstats
path: root/roles/webmail/files/etc/nginx/sites-available
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2016-03-30 21:45:43 +0300
committerGuilhem Moulin <guilhem@fripost.org>2016-03-30 21:45:43 +0300
commit54261953e711e67e4ee28f788ea35bcab0e86654 (patch)
tree69eef65ef208b2a27b157d404c96b0d4051e2b5b /roles/webmail/files/etc/nginx/sites-available
parentf81d8c68ba20100c13859ed522c41bed4f27d88b (diff)
Set HTTP security headers.
See https://securityheaders.io .
Diffstat (limited to 'roles/webmail/files/etc/nginx/sites-available')
-rw-r--r--roles/webmail/files/etc/nginx/sites-available/roundcube2
1 files changed, 2 insertions, 0 deletions
diff --git a/roles/webmail/files/etc/nginx/sites-available/roundcube b/roles/webmail/files/etc/nginx/sites-available/roundcube
index 304b05d..ee6ff20 100644
--- a/roles/webmail/files/etc/nginx/sites-available/roundcube
+++ b/roles/webmail/files/etc/nginx/sites-available/roundcube
@@ -1,49 +1,51 @@
server {
listen 80;
listen [::]:80;
server_name mail.fripost.org;
server_name webmail.fripost.org;
include snippets/acme-challenge.conf;
+ include snippets/headers.conf;
access_log /var/log/nginx/roundcube.access.log;
error_log /var/log/nginx/roundcube.error.log info;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443;
listen [::]:443;
server_name mail.fripost.org;
server_name webmail.fripost.org;
root /var/lib/roundcube;
include snippets/ssl.conf;
+ include snippets/headers.conf;
ssl_certificate /etc/nginx/ssl/mail.fripost.org.pem;
ssl_certificate_key /etc/nginx/ssl/mail.fripost.org.key;
location = /favicon.ico {
root /usr/share/roundcube/skins/default/images;
log_not_found off;
access_log off;
expires max;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files, or files under hidden
# directories.
location ~ /\. { return 404; }
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 10:21:53 +0000