Thomas Lynch
571b481a8c
add option to limit video/image sizes
2 years ago
Thomas Lynch
8989ed1e34
INSTALLATION.md and nginx install script improvements for nohttps
2 years ago
Thomas Lynch
e521844123
Hotfix nginx for twofactor
2 years ago
Thomas Lynch
20e17ab2a5
put certbot first, and remove existing sites-available file so certbot doesnt fail to restart nginx
2 years ago
Thomas Lynch
bfafd2467b
more nginx improvement
2 years ago
Thomas Lynch
9bbe1ade7b
WIP improvement of nginx.sh to be smarter, fix a few broken things, and make it able to support self-signed or no https at all, support a subdomain hosted site, and make www optional
2 years ago
Thomas Lynch
8e5c8b5ab0
Tegaki replaying overhaul
2 years ago
Thomas Lynch
3cb5e0197a
Revert "Close #480 dont show "register" on login page if not allowed for regular user, since users might reach it clicking "manage" after the login redirect"
...
This reverts commit 9c5dd5efa8
.
2 years ago
Thomas Lynch
9c5dd5efa8
Close #480 dont show "register" on login page if not allowed for regular user, since users might reach it clicking "manage" after the login redirect
2 years ago
Thomas Lynch
9977580b9e
Dont duplicate security_headers for nocache version, just include the original
2 years ago
l29utp0
1b5b12ea0e
use youtube-nocookie
...
https://support.google.com/youtube/answer/171780#zippy=%2Cturn-on-privacy-enhanced-mode
2 years ago
Thomas Lynch
d2d14f5961
Remove commas in csp directives for hcaptcha in nginx.sh
2 years ago
Thomas Lynch
da620b22a2
update nginx snippet
3 years ago
Thomas Lynch
132f40bac6
nginx snippet updates
3 years ago
Thomas Lynch
0fe3983d5f
apply template to user accounts ref #377
3 years ago
Thomas Lynch
a330ed7773
just nginx indentation, noticed while merging something
3 years ago
Thomas Lynch
5e15e5cdd5
csrf token only fetch, for API and will be added to jschan-docs
3 years ago
Thomas Lynch
f0cc975ad9
ask to overwrite, actually > overwrite, and make geoip work properly when script rerun
3 years ago
Thomas Lynch
8afb1c9ad4
ref 407, invalid sed command
3 years ago
Thomas Lynch
76f0ba36f2
Add option to nginx.sh for robots.txt to disallow all
3 years ago
Thomas Lynch
96a1dbd531
delete dupe
3 years ago
Thomas Lynch
cc140f00a8
reference #352 improve nginx script
...
add letsencrypt
fix missing substitution for onion
update INSTALLATION.md
3 years ago
Thomas Lynch
e787c7892d
Starting work on making nginx easy to configure (for standard installations) reference #352
3 years ago
Thomas Lynch
ef35320e4f
INSTALLATION.md improvement close #383
...
note about possible location where to clone repo and put it earlier
note about apex domain and www
clarify that nginx config replacement must also occur in snippets
add loki and onions to example CSP snippets
add www. subdomain to example CSP snippets
add way to remove onion or lokinet from the CSP if not used
3 years ago
Thomas Lynch
61fd634ec5
stricter csp for video element, use media-src
3 years ago
Thomas Lynch
a64c17a037
add video thumbnails in frontend script, for supported types. otherwise fallback to "videothumbnail" image.
...
update csp for blob: canvas/video
close #220
3 years ago
Thomas Lynch
9f7b4a6d9d
force higher iq nginx configs, and improve readme about it
3 years ago
Thomas Lynch
cfae852971
use gulp-real-favicon
...
make favicons , files for safari, msfile, browserconfig, webmanifest, etc in gulp task
remove favicon2 so no exclamation mark favicon for now, until it can be incorporated
somehow. but the number like (x) is shown so it shouldnt matter.
maybe another commit can add a general "!" icon if somebody makes one
3 years ago
Thomas Lynch
d46ca5ade0
make csp always
...
for private backend, set the headers in the named block
remove the root and use /dev/null instead of $uri to call it
4 years ago
Thomas Lynch
1118ee3e4f
nginx fuckery, as usual
4 years ago
Thomas Lynch
1c5f14e419
This did not go as planned
4 years ago
Thomas Lynch
9c8e842913
close #319
4 years ago
Thomas Lynch
4beb89bb22
improved nginx advanced and snippets config, less duplication for @backend and / (app) locations and added loki
4 years ago
Thomas Lynch
95397a45fd
add connect-src to content security policy, fixes websocket for browsers (actually just 1 browser, fucking SAFARI) that check it for websockets, because apparently it cant just use the 'self' from the default-src... f me
4 years ago
some random guy
b110dac7ba
support flac audio
4 years ago
Thomas Lynch
02c1423dba
thumbnail size follows vars properly, and add to onion-location header in nginx config
4 years ago
Thomas Lynch
b7b3bfc740
comma missing in referrer policy header
4 years ago
Thomas Lynch
81e880dbb0
Make referrerpolicy a little less strict, so yt embeds will work closes #243
4 years ago
Thomas Lynch
a04d62d29e
Minor nginx config changes, fix the routes snippet and add a complete advanced example
4 years ago
Thomas Lynch
1399dda5fd
Json routes will hit backend & get 404'd there,
...
allows for pages with missing json that arent prebuilt to build when json route is hit,
without requiring html pageload first better for api
4 years ago
some random guy
9d947772d6
fix csp headers in nginx example configs for embedding
4 years ago
Thomas Lynch
14ce396c87
README improvement, nginx configs moved, nginx error pages fixed
4 years ago