samsapti/lab-ansible
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Fix SearXNG headers

Browse source
This commit is contained in:
Sam A. 2024-02-10 14:56:19 +01:00
parent 8f55cf53e4
commit 5899eb45f6
Signed by: samsapti
GPG key ID: CBBBE7371E81C4EA
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
roles/apps/templates/caddy/Caddyfile.j2
View file

@ -1,6 +1,7 @@
{# code: language=ansible-jinja #}
# THIS FILE IS MANAGED BY ANSIBLE
{% if 'searxng' in apps_include %}
{{ apps_vars.searxng.domain }} {
tls {{ tls_email }}
@ -32,8 +33,7 @@
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
X-XSS-Protection "1; mode=block"
Strict-Transport-Security "max-age=31536000; includeSubDomains"
X-Content-Type-Options "nosniff"
Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=(),interest-cohort=()"
Referrer-Policy "no-referrer"
@ -70,6 +70,8 @@
reverse_proxy searxng:8080 {
header_up X-Forwarded-Port {http.request.port}
header_up X-Forwarded-Proto {http.request.scheme}
header_up X-Real-IP {remote_host}
}
}
}
{% endif %}