|
|
@ -57,11 +57,6 @@ http {
|
|
|
|
proxy_pass http://127.0.0.1:8008;
|
|
|
|
proxy_pass http://127.0.0.1:8008;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
# robots.txt
|
|
|
|
|
|
|
|
location = /robots.txt {
|
|
|
|
|
|
|
|
add_header Content-Type text/plain;
|
|
|
|
|
|
|
|
return 200 "User-agent: *\nDisallow: /\n";
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
# redirect to https
|
|
|
|
# redirect to https
|
|
|
|
location / {
|
|
|
|
location / {
|
|
|
|
return 301 https://$host$request_uri;
|
|
|
|
return 301 https://$host$request_uri;
|
|
|
@ -111,8 +106,6 @@ http {
|
|
|
|
# Remove headers to prevent duplication and information disclosure
|
|
|
|
# Remove headers to prevent duplication and information disclosure
|
|
|
|
proxy_hide_header X-XSS-Protection;
|
|
|
|
proxy_hide_header X-XSS-Protection;
|
|
|
|
proxy_hide_header X-Powered-By;
|
|
|
|
proxy_hide_header X-Powered-By;
|
|
|
|
|
|
|
|
|
|
|
|
expires $expires;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
add_header X-Frame-Options 'SAMEORIGIN';
|
|
|
|
add_header X-Frame-Options 'SAMEORIGIN';
|
|
|
|
add_header X-Content-Type-Options 'nosniff';
|
|
|
|
add_header X-Content-Type-Options 'nosniff';
|
|
|
@ -132,18 +125,12 @@ http {
|
|
|
|
return 403;
|
|
|
|
return 403;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% else %}
|
|
|
|
{% else %}
|
|
|
|
|
|
|
|
|
|
|
|
# robots.txt
|
|
|
|
|
|
|
|
location = /robots.txt {
|
|
|
|
|
|
|
|
add_header Content-Type text/plain;
|
|
|
|
|
|
|
|
return 200 "User-agent: *\nDisallow: /\n";
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
include /overrides/*.conf;
|
|
|
|
include /overrides/*.conf;
|
|
|
|
|
|
|
|
|
|
|
|
# Actual logic
|
|
|
|
# Actual logic
|
|
|
|
{% if WEB_WEBMAIL != '/' and WEBROOT_REDIRECT != 'none' %}
|
|
|
|
{% if WEB_WEBMAIL != '/' and WEBROOT_REDIRECT != 'none' %}
|
|
|
|
location / {
|
|
|
|
location / {
|
|
|
|
|
|
|
|
expires $expires;
|
|
|
|
{% if WEBROOT_REDIRECT %}
|
|
|
|
{% if WEBROOT_REDIRECT %}
|
|
|
|
try_files $uri {{ WEBROOT_REDIRECT }};
|
|
|
|
try_files $uri {{ WEBROOT_REDIRECT }};
|
|
|
|
{% else %}
|
|
|
|
{% else %}
|
|
|
@ -198,6 +185,7 @@ http {
|
|
|
|
include /etc/nginx/proxy.conf;
|
|
|
|
include /etc/nginx/proxy.conf;
|
|
|
|
proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }};
|
|
|
|
proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }};
|
|
|
|
proxy_pass http://$admin;
|
|
|
|
proxy_pass http://$admin;
|
|
|
|
|
|
|
|
expires $expires;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
location {{ WEB_ADMIN }}/antispam {
|
|
|
|
location {{ WEB_ADMIN }}/antispam {
|
|
|
|