security/hakurei.app
security/hakurei.app
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity
2,571 Commits 2 Branches 4 Tags
Commit Graph

196 Commits

Author SHA1 Message Date
Daniel Micay
5a6fe754df nginx: use build defaults for user/pid settings 
This varies based on the OS and packaging. It's best to make the
assumption that it's a reasonable nginx package rather than reducing
portability.
 2021-06-26 21:57:04 -04:00
Daniel Micay
e06942c803 cleaner nginx status monitoring configuration 2021-06-22 23:43:14 -04:00
Daniel Micay
9c8deacbd9 add back legacy redirect 2021-06-21 22:23:07 -04:00
Daniel Micay
4f829a530b set security headers for Matrix client metadata 2021-06-21 03:49:39 -04:00
Daniel Micay
e941ca1a40 fix redirects for broken twipu links 2021-06-13 04:05:18 -04:00
Daniel Micay
bd3cfebafd fix object replacement character redirect 2021-06-11 10:18:57 -04:00
Daniel Micay
2d079162d4 mark Expect-CT as largely obsolete 2021-06-08 12:27:04 -04:00
Daniel Micay
d0e54474fe convert if back into location block 2021-06-07 12:57:33 -04:00
Daniel Micay
6a54597de8 remove legacy underscore redirects (unused) 2021-06-04 23:37:11 -04:00
Daniel Micay
23455a1879 add redirect away from old SVG favicon 2021-06-03 17:04:37 -04:00
Daniel Micay
b620834f20 reorder nginx location blocks 2021-06-02 21:31:46 -04:00
Daniel Micay
5262ad4ee7 make index files into an implementation detail 2021-06-02 20:57:01 -04:00
Daniel Micay
81fa2a6f23 treat html extension as an implementation detail 
These redirects aren't being used for any of the actual pages based on
the access logs.
 2021-06-02 20:07:52 -04:00
Daniel Micay
e1ea020f2a add grapheneos.ca domain 2021-05-31 14:51:56 -04:00
Daniel Micay
4f144773e3 add grapheneos.net domain 2021-05-28 16:15:39 -04:00
Daniel Micay
1b244d9543 add Matrix client homeserver delegation 2021-05-24 12:10:16 -04:00
Daniel Micay
8e31124e3c add Matrix homeserver delegation 2021-05-24 11:30:14 -04:00
Daniel Micay
4c1e81764a drop types_hash_max_size configuration 2021-05-23 10:59:06 -04:00
Daniel Micay
db8b900d39 add webmanifest mime type 2021-05-23 10:58:01 -04:00
Daniel Micay
fbb1852bea add mjs as javascript extension 2021-05-23 10:52:04 -04:00
Daniel Micay
f35ea32d74 add upstream mime.types 2021-05-23 10:50:03 -04:00
Daniel Micay
9a27eeecbd simplify favicon.svg rewrite 2021-05-19 09:28:24 -04:00
Daniel Micay
aafebaed00 add /favicon.svg location block 2021-05-19 09:08:27 -04:00
Daniel Micay
2a86216b37 simplify redirect for broken backlinks 2021-05-18 17:18:45 -04:00
Daniel Micay
5f018c01e1 treat mask-icon.svg as an implementation detail 2021-05-18 14:05:02 -04:00
Daniel Micay
9634d20dca keep redirect location blocks together 2021-05-18 13:58:15 -04:00
Daniel Micay
ca24fdebc5 use prefix match for fonts instead of regex 2021-05-18 02:45:10 -04:00
Daniel Micay
ea67f9c6b2 convert regex location into exact match 2021-05-18 02:35:59 -04:00
Daniel Micay
2544be1006 reduce cache time for SVG served as /favicon.ico 
Cache busting isn't available for /favicon.ico when it isn't fetched for
an HTML page.
 2021-05-17 11:16:34 -04:00
Daniel Micay
cf9bc8d45f use SVG for /favicon.ico if browser asks for it 
This makes Chromium use the SVG favicon universally including as the
favicon for non-HTML files.
 2021-05-17 10:58:14 -04:00
Daniel Micay
f1f3ee0cab remove legacy graphene.png redirect 2021-05-16 06:28:00 -04:00
Daniel Micay
7f89a19b00 stop logging not found files as errors 2021-05-16 05:03:31 -04:00
Daniel Micay
4e3f449c2d fail fast on mta-sts bot traffic 2021-05-16 04:50:20 -04:00
Daniel Micay
fb1be51f68 rename grapheneos.css to main.css 2021-05-14 22:28:12 -04:00
Daniel Micay
7a7648e6de redirect 404 /page/ to /page if /page.html exists 2021-05-14 13:12:51 -04:00
Daniel Micay
d29f7ed91b add comment explaining HTTPS redirect approach 2021-05-11 17:56:22 -04:00
Daniel Micay
959d3e2053 include scheme and host in access log 2021-05-07 02:21:51 -04:00
Daniel Micay
10923373ec use relative paths for TLS state 2021-05-06 18:51:49 -04:00
Daniel Micay
380e40bf74 use more granular session ticket key rotation 2021-05-02 13:33:06 -04:00
Daniel Micay
0823948133 enable session tickets with rotation script 2021-05-02 02:12:34 -04:00
Daniel Micay
0c03bb5737 add redirect from unused mta-sts root 2021-04-29 14:14:30 -04:00
Daniel Micay
e8f8516acd nginx: add source map support 2021-04-29 11:34:40 -04:00
Daniel Micay
e7344aa837 enable open file cache for main static root 2021-04-26 21:13:37 -04:00
Daniel Micay
b2e4477300 nginx: raise open file limit 2021-04-25 18:49:52 -04:00
Daniel Micay
f66cae5a86 reduce reliance on try_files (inefficient) 2021-04-25 17:44:21 -04:00
Daniel Micay
36e63fcbef raise keepalive_timeout to prior HTTP/2 value 2021-04-23 20:49:08 -04:00
Daniel Micay
f3320a54d1 prefer ChaCha20 for clients without hardware AES 2021-04-23 16:31:17 -04:00
Daniel Micay
59cbca7083 update nginx configuration for 1.20.0 2021-04-23 15:54:16 -04:00
Daniel Micay
e4fcd76ece use 429 response code for conn limit 2021-04-19 15:43:41 -04:00
Daniel Micay
5e83027d04 disable unused Clipboard API features 2021-04-18 00:49:50 -04:00