58 lines
1.4 KiB
Django/Jinja
58 lines
1.4 KiB
Django/Jinja
# jnss-web Static Site Configuration
|
|
# Generated by Ansible - DO NOT EDIT MANUALLY
|
|
|
|
# WWW Redirect - apex is primary
|
|
www.{{ jnss_web_domain }} {
|
|
redir https://{{ jnss_web_domain }}{uri} permanent
|
|
}
|
|
|
|
# Primary Domain
|
|
{{ jnss_web_domain }} {
|
|
root * {{ jnss_web_root }}
|
|
file_server
|
|
|
|
# SPA routing - serve index.html for all routes
|
|
try_files {path} /index.html
|
|
|
|
# Security headers
|
|
header {
|
|
X-Frame-Options SAMEORIGIN
|
|
X-Content-Type-Options nosniff
|
|
X-XSS-Protection "1; mode=block"
|
|
Referrer-Policy strict-origin-when-cross-origin
|
|
Permissions-Policy "geolocation=(), microphone=(), camera=()"
|
|
}
|
|
|
|
# Cache static assets aggressively
|
|
@static {
|
|
path /_app/* /assets/* /icons/* *.ico *.png *.jpg *.jpeg *.svg *.webp *.woff *.woff2 *.css *.js
|
|
}
|
|
header @static {
|
|
Cache-Control "public, max-age=31536000, immutable"
|
|
Vary "Accept-Encoding"
|
|
}
|
|
|
|
# Cache HTML with shorter duration
|
|
@html {
|
|
path *.html /
|
|
}
|
|
header @html {
|
|
Cache-Control "public, max-age=3600, must-revalidate"
|
|
}
|
|
|
|
# Enable compression
|
|
encode gzip
|
|
|
|
# Logging
|
|
log {
|
|
output file /var/log/caddy/jnss-web.log {
|
|
roll_size 100mb
|
|
roll_keep 5
|
|
}
|
|
format json {
|
|
time_format "2006-01-02T15:04:05.000Z07:00"
|
|
}
|
|
level INFO
|
|
}
|
|
}
|