hakurei.app

Author	SHA1	Message	Date
Daniel Micay	abc83cbed6	generate atom feed for releases	2020-12-02 12:51:22 -05:00
Daniel Micay	97520ea9ec	consistent cipher order for TLS 1.2 and TLS 1.3	2020-12-02 07:33:51 -05:00
Daniel Micay	41547b0e40	remove unused RSA cipher configuration	2020-12-02 07:09:15 -05:00
Daniel Micay	7310432456	explicitly set http2_recv_timeout	2020-11-30 13:26:54 -05:00
Daniel Micay	5c27fd7b93	enable gzip for proxied requests	2020-11-25 07:22:10 -05:00
Daniel Micay	f195b74410	enforce an initial HTTP connection limit per IP	2020-11-24 07:58:02 -05:00
Daniel Micay	6bad648347	cut receive/send timeouts from 60s to 30s	2020-11-24 06:32:28 -05:00
Daniel Micay	08d95c92fa	lower client_max_body_size to 4k	2020-11-24 04:24:55 -05:00
Daniel Micay	b336f664ad	increase maximum connections	2020-11-24 01:57:20 -05:00
Daniel Micay	90dbec696e	nginx: enable access_log buffering	2020-11-23 13:54:50 -05:00
Daniel Micay	69bfee6e20	use $host for multi-subdomain redirect	2020-11-17 16:36:05 -05:00
Daniel Micay	527dac5802	globally disable dynamic gzip compression	2020-11-14 04:38:54 -05:00
Daniel Micay	dbee9a704c	move TLS configuration into nginx.conf	2020-11-14 04:23:19 -05:00
Daniel Micay	68b323b8d5	add full nginx configuration	2020-11-14 03:58:21 -05:00
Daniel Micay	e07539f627	update Roboto Mono fonts	2020-11-07 13:10:32 -05:00
Daniel Micay	012a527abd	add our response to Copperhead's baseless lawsuit	2020-11-05 15:24:59 -05:00
Daniel Micay	edf73acc08	add Global Privacy Control metadata	2020-11-02 13:37:04 -05:00
Daniel Micay	571f8d40a0	use bitcoin: URI in QR code	2020-11-01 15:04:23 -05:00
Daniel Micay	f69579e757	nginx: update HTTP/2 push configuration	2020-10-31 11:06:06 -04:00
Daniel Micay	d03e7c28b4	add require-trusted-types-for 'script' to CSP	2020-10-27 04:44:58 -04:00
Daniel Micay	e806721d7c	add COOP / COEP headers	2020-10-27 04:20:17 -04:00
Daniel Micay	701ed6f301	add Permissions-Policy header	2020-10-03 20:53:38 -04:00
Daniel Micay	99b4037444	disable unused publickey-credentials-get feature	2020-09-27 19:10:27 -04:00
Daniel Micay	f59b4f2310	remove unused Feature-Policy speaker directive	2020-09-27 19:07:05 -04:00
Daniel Micay	c0f510be06	handle Feature-Policy standard renaming wake-lock	2020-09-27 18:54:00 -04:00
Daniel Micay	6d04912ef7	drop (unfortunately) obsolete HPKP support	2020-09-27 16:12:11 -04:00
Daniel Micay	4742817919	disable dynamic gzip when using full static gzip	2020-09-26 12:12:09 -04:00
Daniel Micay	27b24277e1	drop usage of report-uri for Expect-CT and CSP This has proven to be unhelpful and we don't need this kind of reporting with the simplicity of the site and policies.	2020-07-22 18:41:59 -04:00
Daniel Micay	48d0d85e0c	split out connectivitycheck server	2020-07-07 08:51:36 -04:00
Daniel Micay	e119063909	use location block for index redirect	2020-05-14 10:42:24 -04:00
Daniel Micay	a91b23c5da	site with broken backlinks supports https now	2020-05-08 06:57:53 -04:00
Daniel Micay	710a026550	nginx: reorder location blocks	2020-05-08 06:55:44 -04:00
Daniel Micay	299c79234d	add back workaround for broken backlinks	2020-05-08 06:07:48 -04:00
Daniel Micay	52ef603d59	redirect some mangled backlinks	2020-05-06 18:06:16 -04:00
Daniel Micay	16532c8e20	push CSS for error pages too	2020-04-24 12:54:19 -04:00
Daniel Micay	5f900a3059	make /404 internal too	2020-04-24 11:18:32 -04:00
Daniel Micay	56599f8277	replace 403 errors with 404 errors	2020-04-24 11:18:11 -04:00
Daniel Micay	ddaf5ded8f	add initial custom 404 page	2020-04-24 11:18:09 -04:00
Daniel Micay	2343434d83	stop pinning IdenTrust root that's on the way out	2020-04-19 19:20:43 -04:00
Daniel Micay	5a5127845a	nginx: mark static brotli files as internal too	2020-04-19 08:28:47 -04:00
Daniel Micay	99f3f8637e	nginx: mark static gzip files as internal	2020-04-19 08:28:42 -04:00
Daniel Micay	539b97e347	remove try_files usage for txt/xml	2020-04-18 23:16:49 -04:00
Daniel Micay	abf3087ae6	add mta-sts.mail.grapheneos.org	2020-04-15 18:17:32 -04:00
Daniel Micay	eb1566f6a1	switch HPKP backup pins	2020-04-07 14:39:56 -04:00
Daniel Micay	ef179138fa	certbot-ocsp-fetcher for reliable OCSP stapling	2020-04-05 04:13:05 -04:00
Daniel Micay	0f6e927908	use HTTP/2 server push for render blocking CSS	2020-04-03 05:11:15 -04:00
Daniel Micay	d7c4cc9127	fix typo	2020-04-02 14:32:00 -04:00
Daniel Micay	c77c3b1c1c	add security headers for www redirect over HTTPS	2020-04-02 11:54:41 -04:00
Daniel Micay	9b99a3d8d9	add HTTP /generate_204 endpoint	2020-04-02 04:23:15 -04:00
Daniel Micay	3e4ee0cb28	move nginx https setup into a snippet	2020-04-01 10:30:30 -04:00

... 2 3 4 5 6

259 Commits