bundles/nginx: add a default security.txt to all vhosts
All checks were successful
bundlewrap/pipeline/head This commit looks good
All checks were successful
bundlewrap/pipeline/head This commit looks good
This commit is contained in:
parent
0a7e5bcdcd
commit
1fbc08f74b
GPG key ID:
12E3D2136B818350
5 changed files with 51 additions and 1 deletions
9
bundles/nginx/files/security.txt
Normal file
9
bundles/nginx/files/security.txt
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
Contact: ${vhost.get('contact', repo.libs.defaults.security_email)}
|
||||
Expires: ${vhost.get('expires', expiry)}
|
||||
Preferred-Languages: ${','.join(sorted(vhost.get('lang', repo.libs.defaults.security_lang)))}
|
||||
Canonical: ${proto}://${domain}/.well-known/security.txt
|
||||
% for key, value in sorted(vhost.items()):
|
||||
% if key[0].isupper():
|
||||
${key}: ${value}
|
||||
% endif
|
||||
% endfor
|
||||
|
|
@ -72,6 +72,12 @@ server {
|
|||
alias /var/lib/dehydrated/acme-challenges/;
|
||||
}
|
||||
|
||||
% if security_txt:
|
||||
location = /.well-known/security.txt {
|
||||
alias /etc/nginx/security.txt.d/${vhost};
|
||||
}
|
||||
% endif
|
||||
|
||||
% if proxy:
|
||||
% for location, options in proxy.items():
|
||||
location ${location} {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue