From 7daa208815bdeb139bbadf79aac702063adf8076 Mon Sep 17 00:00:00 2001 From: Jonah Date: Sun, 11 Aug 2019 22:12:19 -0500 Subject: [PATCH] Add Nginx config files to repo Allows us to edit redirects and headers locally. --- .github/CODEOWNERS | 3 ++- _config.yml | 1 - nginx/000-includes.conf | 2 ++ nginx/010-headers.conf | 9 +++++++++ nginx/020-redirects.conf | 12 ++++++++++++ pages/software/real-time-communication.html | 4 ---- 6 files changed, 25 insertions(+), 6 deletions(-) create mode 100644 nginx/000-includes.conf create mode 100644 nginx/010-headers.conf create mode 100644 nginx/020-redirects.conf diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 5b16ecc8..2aae0a90 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,9 +1,10 @@ # Administration Related Files /.well-known/ @JonahAragon +/nginx/ @JonahAragon /404.html @JonahAragon /.github/ @JonahAragon @BurungHantu1605 /LICENSE.txt @JonahAragon @BurungHantu1605 -/.travis.yml @Shifterovich +/.travis.yml @JonahAragon @Shifterovich /CNAME @JonahAragon # Editorial Team diff --git a/_config.yml b/_config.yml index 248192f3..355e9fe6 100644 --- a/_config.yml +++ b/_config.yml @@ -5,7 +5,6 @@ sass: style: compressed plugins: - jekyll-sitemap - - jekyll-redirect-from sitemap: file: "/sitemap.xml" include: [".well-known"] diff --git a/nginx/000-includes.conf b/nginx/000-includes.conf new file mode 100644 index 00000000..d70bce8e --- /dev/null +++ b/nginx/000-includes.conf @@ -0,0 +1,2 @@ +include /var/www/privacytools.io/nginx/010-headers.conf; +include /var/www/privacytools.io/nginx/020-redirects.conf; diff --git a/nginx/010-headers.conf b/nginx/010-headers.conf new file mode 100644 index 00000000..46c4ef44 --- /dev/null +++ b/nginx/010-headers.conf @@ -0,0 +1,9 @@ +add_header X-Frame-Options DENY always; +add_header X-XSS-Protection "1; mode=block" always; +add_header X-Content-Type-Options nosniff always; +add_header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline' https://stats.privacytools.io; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.privacytools.io; object-src 'none'; frame-src https://stats.privacytools.io; font-src 'self'; manifest-src 'self';" always; +add_header Strict-Transport-Security "max-age=31557600; includeSubDomains; preload"; +add_header 'Access-Control-Allow-Origin' '*'; +add_header Alt-Svc 'h2="privacy2zbidut4m4jyj3ksdqidzkw3uoip2vhvhbvwxbqux5xy5obyd.onion:443"; ma=86400; persist=1'; +add_header Expect-CT 'max-age=0; report-uri="https://34f7a2cb34f91bc092b2e15f4e4bda78.report-uri.com/r/d/ct/reportOnly"'; +add_header Referrer-Policy "strict-origin"; diff --git a/nginx/020-redirects.conf b/nginx/020-redirects.conf new file mode 100644 index 00000000..65a7c8db --- /dev/null +++ b/nginx/020-redirects.conf @@ -0,0 +1,12 @@ +location = /old/ { + return 301 /classic/; +} +location = /software/im/ { + return 301 /software/real-time-communication/; +} +location = /software/voip/ { + return 301 /software/real-time-communication/; +} +location = /software/teamchat/ { + return 301 /software/real-time-communication/; +} diff --git a/pages/software/real-time-communication.html b/pages/software/real-time-communication.html index 1d47e387..9a28ab8b 100644 --- a/pages/software/real-time-communication.html +++ b/pages/software/real-time-communication.html @@ -1,10 +1,6 @@ --- layout: page permalink: /software/real-time-communication/ -redirect_from: - - /software/im/ - - /software/voip/ - - /software/teamchat/ title: "Real-Time Communication" description: "Discover secure and private ways to communicate with others online without letting any third parties read your messages." ---