Daniel Micay
|
bfcc6b5958
|
nginx regex: don't capture groups unnecessarily
|
2021-11-23 20:00:41 -05:00 |
|
Daniel Micay
|
5fcd75f795
|
rename static_tmp to static-tmp for consistency
|
2021-11-23 18:45:28 -05:00 |
|
Daniel Micay
|
0ae1a5a9f4
|
preserve timestamps for zopfli
|
2021-11-23 18:28:10 -05:00 |
|
Daniel Micay
|
f945befca2
|
nginx: use syslog for error log
|
2021-09-07 08:05:23 -04:00 |
|
Daniel Micay
|
19222d2b0a
|
add nginx modules symlink
|
2021-07-28 00:44:32 -04:00 |
|
Daniel Micay
|
b66981925a
|
update symlink metadata sync call
|
2021-07-27 22:31:36 -04:00 |
|
Daniel Micay
|
a97dd92eb8
|
minor improvements to CSP
|
2021-07-22 00:12:22 -04:00 |
|
Daniel Micay
|
1a6400af4e
|
split brotli and zopfli jobs
|
2021-07-21 17:46:05 -04:00 |
|
Daniel Micay
|
8a4a3ef0df
|
stop unnecessarily copying mtime for gz output
|
2021-07-21 16:57:49 -04:00 |
|
Daniel Micay
|
265576f637
|
compress static files in parallel
|
2021-07-21 16:43:49 -04:00 |
|
Daniel Micay
|
dc00b338c6
|
run GitHub workflows on pushes to any branch
|
2021-07-16 16:08:21 -04:00 |
|
Daniel Micay
|
fa9de7b0e0
|
disable aio_write temporarily
|
2021-07-13 23:30:24 -04:00 |
|
Daniel Micay
|
faa1b0a270
|
permit frames fetching resources for Element CORP
|
2021-07-13 22:27:38 -04:00 |
|
Daniel Micay
|
e1d5caf206
|
raise file size limit to 100M
|
2021-07-13 22:27:12 -04:00 |
|
Daniel Micay
|
25fa8047c8
|
use matrix.grapheneos.org as the remote
|
2021-07-11 19:54:32 -04:00 |
|
Daniel Micay
|
6374567f88
|
rename scripts
|
2021-07-11 19:51:56 -04:00 |
|
Daniel Micay
|
3e94c41567
|
remove unused pdf file extension
|
2021-07-07 04:41:08 -04:00 |
|
Daniel Micay
|
75e800cdab
|
add wasm mime type
|
2021-07-06 14:13:18 -04:00 |
|
Daniel Micay
|
740b720285
|
enable brotli/gzip via precompression for Element
|
2021-07-06 13:53:00 -04:00 |
|
Daniel Micay
|
a653d8bd2f
|
use jemalloc for synapse
|
2021-07-04 08:27:24 -04:00 |
|
Daniel Micay
|
9074148b6e
|
add gzip/brotli configuration for future use
|
2021-07-04 03:34:49 -04:00 |
|
Daniel Micay
|
c98929ea0d
|
set manifest-src to 'self' for Element
|
2021-07-03 08:56:02 -04:00 |
|
Daniel Micay
|
b9adc72a0c
|
remove duplicate Referrer-Policy headers
|
2021-07-02 11:13:24 -04:00 |
|
Daniel Micay
|
0e8b60b7fe
|
enable AIO via thread pool
|
2021-06-30 23:17:25 -04:00 |
|
Daniel Micay
|
167c728852
|
set if_modified_since to more aggressive mode
|
2021-06-30 22:53:05 -04:00 |
|
Daniel Micay
|
b75070b85c
|
match configuration format of other services
|
2021-06-29 06:12:19 -04:00 |
|
Daniel Micay
|
9d862cc58d
|
set Referrer-Policy header
|
2021-06-29 06:07:54 -04:00 |
|
Daniel Micay
|
6d1669c3c2
|
pass through synapse CSP alongside static one
|
2021-06-29 06:05:12 -04:00 |
|
June
|
86772f7fea
|
Add GitHub workflow for linting nginx.conf and security-headers.conf
Signed-off-by: June <zanthed@riseup.net>
|
2021-06-26 02:01:27 -04:00 |
|
Daniel Micay
|
384f37a9f4
|
add font-src to CSP
|
2021-06-22 23:51:37 -04:00 |
|
Daniel Micay
|
1cf2da16c9
|
cleaner nginx status monitoring configuration
|
2021-06-22 23:43:32 -04:00 |
|
Daniel Micay
|
d4e4cca682
|
set security headers on error responses too
|
2021-06-18 20:22:34 -04:00 |
|
Daniel Micay
|
444ad1a982
|
set up COEP and CORP headers
|
2021-06-18 20:20:50 -04:00 |
|
Daniel Micay
|
87d3dff258
|
more initial CSP working around Element flaws
|
2021-06-18 17:35:06 -04:00 |
|
Daniel Micay
|
ee984f0c7f
|
use dark theme by default for Element
|
2021-06-18 05:44:40 -04:00 |
|
Daniel Micay
|
2f99bfd78d
|
set up Element configuration for grapheneos.org
|
2021-06-18 05:38:52 -04:00 |
|
Daniel Micay
|
1ab0ee864c
|
add Element configuration
|
2021-06-18 05:37:41 -04:00 |
|
Daniel Micay
|
1cbd223eee
|
mark obsolete X-Frame-Options header as such
|
2021-06-18 05:34:44 -04:00 |
|
Daniel Micay
|
e5da30c9a6
|
set same-origin COOP header
|
2021-06-18 05:27:08 -04:00 |
|
Daniel Micay
|
7abbe44836
|
reorder server blocks
|
2021-06-18 05:22:16 -04:00 |
|
Daniel Micay
|
7743e8ebf6
|
add explicit support for element http redirect
|
2021-06-18 05:20:47 -04:00 |
|
Daniel Micay
|
e32083f8cf
|
remove unnecessary escaping
|
2021-06-18 05:17:13 -04:00 |
|
Daniel Micay
|
60dd91024d
|
no need for case insensitive API path matching
|
2021-06-18 05:16:14 -04:00 |
|
Daniel Micay
|
391d7ef680
|
explicitly block mixed content
|
2021-06-18 05:08:04 -04:00 |
|
Daniel Micay
|
144698a02f
|
set up basic frame security headers
|
2021-06-18 05:05:39 -04:00 |
|
Daniel Micay
|
f9a50f988a
|
add obsolete X-XSS-Protection header
|
2021-06-18 04:38:26 -04:00 |
|
Daniel Micay
|
af4c95f166
|
mark Expect-CT as partially obsolete
|
2021-06-18 04:38:02 -04:00 |
|
Daniel Micay
|
c473761dfb
|
avoid having element instance indexed
|
2021-06-18 04:17:51 -04:00 |
|
Daniel Micay
|
b7952c7ce0
|
add element.grapheneos.org domain
|
2021-06-18 00:55:51 -04:00 |
|
Daniel Micay
|
3d99bfadd3
|
raise proxy_read_timeout for synapse
|
2021-06-07 14:46:25 -04:00 |
|