1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/elabftw_ynh.git synced 2024-09-03 18:26:23 +02:00
elabftw_ynh/conf/nginx.conf

40 lines
1.5 KiB
Nginx Configuration File
Raw Normal View History

2021-08-12 13:28:44 +02:00
location / {
# Path to source
2021-08-12 14:01:48 +02:00
alias __FINALPATH__/web/;
2021-08-12 13:28:44 +02:00
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
index index.php;
2021-08-12 14:01:48 +02:00
try_files $uri $uri/ __PATH__/index.php?$query_string;
2021-08-12 13:28:44 +02:00
location ~ \.php$ {
if (!-e $request_filename) {
rewrite ^__PATH__/?(.*)$ __PATH__/index.php?/$1 last;
break;
}
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
# security headers
more_set_headers "Strict-Transport-Security: max-age=63072000";
more_set_headers "X-XSS-Protection: 0";
more_set_headers "X-Content-Type-Options: nosniff";
more_set_headers "Content-Security-Policy: default-src 'self' data:; script-src 'self'; connect-src 'self' blob: https://get.elabftw.net; img-src 'self' data: blob: https://www.cornify.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; object-src 'self'; base-uri 'none'; frame-ancestors 'none'";
more_set_headers "Referrer-Policy: no-referrer";
more_set_headers "Feature-Policy: autoplay 'none'; camera 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; vr 'none'";
more_set_headers "Vary: Accept-Encoding";
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}