tbarnouin/nixos-hypervisor
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Change authentik IP in nginx vshosts

Browse source
This commit is contained in:
Théo Barnouin 2024-10-16 11:19:20 +02:00
parent 5455da310d
commit a420f97a2a
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
services/nginx/default.nix
View file

@ -55,16 +55,16 @@ in
https "max-age=31536000; includeSubdomains; preload"; https "max-age=31536000; includeSubdomains; preload";
} }
add_header Strict-Transport-Security $hsts_header; add_header Strict-Transport-Security $hsts_header;
# Enable CSP for your services. # Enable CSP for your services.
#add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
# Minimize information leaked to other domains # Minimize information leaked to other domains
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
# Disable embedding as a frame # Disable embedding as a frame
add_header X-Frame-Options DENY; add_header X-Frame-Options DENY;
# Prevent injection of code in other mime types (XSS Attacks) # Prevent injection of code in other mime types (XSS Attacks)
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
client_body_buffer_size 400M; client_body_buffer_size 400M;
@ -121,7 +121,7 @@ in
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
proxyPass = "http://192.168.1.25:9000"; proxyPass = "http://192.168.1.125:9000";
recommendedProxySettings = true; recommendedProxySettings = true;
proxyWebsockets = true; proxyWebsockets = true;
}; };