summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--hieradata/nodes/webstatic.yaml29
1 files changed, 29 insertions, 0 deletions
diff --git a/hieradata/nodes/webstatic.yaml b/hieradata/nodes/webstatic.yaml
index 21bf5fe..d37a582 100644
--- a/hieradata/nodes/webstatic.yaml
+++ b/hieradata/nodes/webstatic.yaml
@@ -143,6 +143,35 @@ profiles::static_websites::apache_vhosts:
- 'set Pragma "no-cache"'
- 'set Expires "-1"'
- 'set X-Permitted-Cross-Domain-Policies "master-only"'
+ 'community.cacert.org':
+ port: 80
+ access_log: true
+ access_log_format: "combined"
+ error_log: true
+ log_level: "warn"
+ docroot: "/var/www/community.cacert.org"
+ docroot_owner: "git"
+ docroot_mode: "0755"
+ directoryindex:
+ - "index.html"
+ directories:
+ -
+ path: "/var/www/community.cacert.org"
+ options:
+ - "-Includes"
+ - "-Indexes"
+ - "-FollowSymLinks"
+ - "-MultiViews"
+ require: "all granted"
+ headers:
+ - 'set X-Frame-Options "sameorigin"'
+ - 'set Strict-Transport-Security "max-age=31536000; includeSubDomains"'
+ - 'set X-XSS-Protection "1; mode=block"'
+ - 'set Cache-Control "no-cache, no-store, must-revalidate"'
+ - 'set Pragma "no-cache"'
+ - 'set Expires "-1"'
+ - 'set X-Permitted-Cross-Domain-Policies "master-only"'
+ - "set Content-Security-Policy \"default-src 'none'; script-src 'self'; img-src 'self'; style-src 'self'; connect-src 'self';\""
'infradocs.cacert.org':
port: 80
access_log: true