caddy-formula/Caddyfile.jinja

# THIS FILE IS MANAGED BY SALT! NO TOUCHY TOUCHY, JUST LOOKY LOOKY!

(header) {
	header {
		# disable FLoC tracking
		Permissions-Policy interest-cohort=()

		# enable HSTS
		Strict-Transport-Security max-age=31536000;

		# disable clients from sniffing the media type
		X-Content-Type-Options nosniff

		# clickjacking protection
		X-Frame-Options DENY

		# keep referrer data off of HTTP connections
		Referrer-Policy no-referrer-when-downgrade

		X-XSS-Protection 1

		Content-Security-Policy default-src https:
	}
}

{% for site in salt['pillar.get']('caddy:sites') %}
{{ site }}
{% endfor %}
WIP Caddy caddy formula 2024-06-24 00:48:33 +02:00			`# THIS FILE IS MANAGED BY SALT! NO TOUCHY TOUCHY, JUST LOOKY LOOKY!`

			`(header) {`
			`header {`
			`# disable FLoC tracking`
			`Permissions-Policy interest-cohort=()`

			`# enable HSTS`
			`Strict-Transport-Security max-age=31536000;`

			`# disable clients from sniffing the media type`
			`X-Content-Type-Options nosniff`

			`# clickjacking protection`
			`X-Frame-Options DENY`

			`# keep referrer data off of HTTP connections`
			`Referrer-Policy no-referrer-when-downgrade`

			`X-XSS-Protection 1`

			`Content-Security-Policy default-src https:`
			`}`
			`}`

			`{% for site in salt['pillar.get']('caddy:sites') %}`
			`{{ site }}`
			`{% endfor %}`