mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-09-20 20:20:26 +03:00
Merge pull request #155502 from yayayayaka/nextcloud-optional-headers
nixos/nextcloud: Optionally disable setting HTTP response headers
This commit is contained in:
commit
588fd794b3
@ -505,6 +505,12 @@ in {
|
||||
The nextcloud-occ program preconfigured to target this Nextcloud instance.
|
||||
'';
|
||||
};
|
||||
|
||||
nginx.recommendedHttpHeaders = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = "Enable additional recommended HTTP response headers";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable (mkMerge [
|
||||
@ -904,14 +910,16 @@ in {
|
||||
};
|
||||
extraConfig = ''
|
||||
index index.php index.html /index.php$request_uri;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
add_header X-Frame-Options sameorigin;
|
||||
add_header Referrer-Policy no-referrer;
|
||||
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
|
||||
${optionalString (cfg.nginx.recommendedHttpHeaders) ''
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
add_header X-Frame-Options sameorigin;
|
||||
add_header Referrer-Policy no-referrer;
|
||||
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
|
||||
''}
|
||||
client_max_body_size ${cfg.maxUploadSize};
|
||||
fastcgi_buffers 64 4K;
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
|
Loading…
Reference in New Issue
Block a user