From b09a66712398cac16e5f10f76d59ee5214769672 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 10 Nov 2022 07:14:13 -0500 Subject: [PATCH] headers.conf sucks --- conf.d/00website.conf | 3 --- conf.d/0x0.conf | 1 - conf.d/breezewiki.conf | 1 - conf.d/cinny.conf | 1 - conf.d/conversejs.conf | 1 - conf.d/dokuwiki.conf | 1 - conf.d/fluffychat.conf | 1 - conf.d/freshrss.conf | 1 - conf.d/ftelnet.conf | 1 - conf.d/gitea.conf | 1 - conf.d/guac.conf | 1 - conf.d/hydrogen.conf | 1 - conf.d/jellyfin.conf | 1 - conf.d/librarian.conf | 1 - conf.d/libreddit.conf | 1 - conf.d/libremdb.conf | 1 - conf.d/libretranslate.conf | 1 - conf.d/mail.vern.cc.conf | 1 - conf.d/mastodon.conf | 1 - conf.d/matrixto.conf | 1 - conf.d/mirror.conf | 1 - conf.d/morss.conf | 1 - conf.d/nextcloud.conf | 1 - conf.d/nitter.conf | 1 - conf.d/owncast.conf | 1 - conf.d/privatebin.conf | 1 - conf.d/proxitok.conf | 1 - conf.d/quetre.conf | 1 - conf.d/rimgo.conf | 1 - conf.d/riot.conf | 1 - conf.d/roundcube.conf | 1 - conf.d/scribe.conf | 1 - conf.d/simpleertube.conf | 1 - conf.d/simplytranslate.conf | 1 - conf.d/teddit.conf | 1 - conf.d/torproject.conf | 1 - conf.d/vikunja.conf | 1 - conf.d/whoogle.conf | 1 - conf.d/wiby.conf | 1 - conf.d/wikiless.conf | 1 - conf.d/yacy.conf | 1 - conf.d/znc.conf | 1 - snippets/headers.conf | 6 ------ 43 files changed, 50 deletions(-) delete mode 100644 snippets/headers.conf diff --git a/conf.d/00website.conf b/conf.d/00website.conf index 229402f..f78d7ad 100644 --- a/conf.d/00website.conf +++ b/conf.d/00website.conf @@ -49,7 +49,6 @@ server { server_name verncceu2kgz54wi7r5jatgmx2mqtsh3knxhiy4m5shescuqtqfa.b32.i2p; include snippets/lets-encrypt.conf; - include snippets/headers.conf; location /.well-known/matrix/server { default_type application/json; @@ -98,7 +97,6 @@ server { server_name vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion www.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion; include snippets/lets-encrypt.conf; - include snippets/headers.conf; location /.well-known/matrix/server { @@ -123,7 +121,6 @@ server { server_name www.vern.cc vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; location /.well-known/matrix/server { default_type application/json; diff --git a/conf.d/0x0.conf b/conf.d/0x0.conf index dba13bd..f707439 100644 --- a/conf.d/0x0.conf +++ b/conf.d/0x0.conf @@ -42,6 +42,5 @@ server { server_name vern0.me; ssl_certificate_key /etc/letsencrypt/live/vern0.me/privkey.pem; ssl_certificate /etc/letsencrypt/live/vern0.me/fullchain.pem; - include snippets/headers.conf; include common/0x0.conf; } diff --git a/conf.d/breezewiki.conf b/conf.d/breezewiki.conf index 1e98169..4cb4a52 100644 --- a/conf.d/breezewiki.conf +++ b/conf.d/breezewiki.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name bw.vern.cc breezewiki.vern.cc fandom.vern.cc; include common/breezewiki.conf; } diff --git a/conf.d/cinny.conf b/conf.d/cinny.conf index 7363385..b00b76a 100644 --- a/conf.d/cinny.conf +++ b/conf.d/cinny.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name cn.vern.cc cinny.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/cinny.conf; } diff --git a/conf.d/conversejs.conf b/conf.d/conversejs.conf index 3bedf00..3f6c503 100644 --- a/conf.d/conversejs.conf +++ b/conf.d/conversejs.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name xmpp.vern.cc conversejs.vern.cc cjs.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/conversejs.conf; } server { diff --git a/conf.d/dokuwiki.conf b/conf.d/dokuwiki.conf index d71be0e..604d8a5 100644 --- a/conf.d/dokuwiki.conf +++ b/conf.d/dokuwiki.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name wiki.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/dokuwiki.conf; } diff --git a/conf.d/fluffychat.conf b/conf.d/fluffychat.conf index 684b175..a59384d 100644 --- a/conf.d/fluffychat.conf +++ b/conf.d/fluffychat.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name fc.vern.cc fluffychat.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/fluffychat.conf; } diff --git a/conf.d/freshrss.conf b/conf.d/freshrss.conf index a0bf2ab..bbab4b8 100644 --- a/conf.d/freshrss.conf +++ b/conf.d/freshrss.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name rss.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/freshrss.conf; } diff --git a/conf.d/ftelnet.conf b/conf.d/ftelnet.conf index cf2636e..0a293a4 100644 --- a/conf.d/ftelnet.conf +++ b/conf.d/ftelnet.conf @@ -28,7 +28,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name ftelnet.vern.cc; include common/ftelnet.conf; diff --git a/conf.d/gitea.conf b/conf.d/gitea.conf index 0c59418..87157fe 100644 --- a/conf.d/gitea.conf +++ b/conf.d/gitea.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name git.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/gitea.conf; } server { diff --git a/conf.d/guac.conf b/conf.d/guac.conf index d1b5d18..cb32b25 100644 --- a/conf.d/guac.conf +++ b/conf.d/guac.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name gc.vern.cc guacamole.vern.cc guac.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/guac.conf; } diff --git a/conf.d/hydrogen.conf b/conf.d/hydrogen.conf index fbb1e24..4332223 100644 --- a/conf.d/hydrogen.conf +++ b/conf.d/hydrogen.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name h2.vern.cc hydrogen.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/hydrogen.conf; } diff --git a/conf.d/jellyfin.conf b/conf.d/jellyfin.conf index c07d70c..a3442c3 100644 --- a/conf.d/jellyfin.conf +++ b/conf.d/jellyfin.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name jf.vern.cc jellyfin.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/jellyfin.conf; } diff --git a/conf.d/librarian.conf b/conf.d/librarian.conf index 61a2339..54a4c4d 100644 --- a/conf.d/librarian.conf +++ b/conf.d/librarian.conf @@ -22,7 +22,6 @@ server { server_name lbry.vern.cc librarian.vern.cc; include common/librarian.conf; include snippets/lets-encrypt.conf; - include snippets/headers.conf; } server { diff --git a/conf.d/libreddit.conf b/conf.d/libreddit.conf index 9d3b1eb..86846c2 100644 --- a/conf.d/libreddit.conf +++ b/conf.d/libreddit.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; server_name lr.vern.cc reddit.vern.cc libreddit.vern.cc fr.vern.cc ferrit.vern.cc; - include snippets/headers.conf; include common/libreddit.conf; } diff --git a/conf.d/libremdb.conf b/conf.d/libremdb.conf index 0b524d0..aef5d41 100644 --- a/conf.d/libremdb.conf +++ b/conf.d/libremdb.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name ld.vern.cc libremdb.vern.cc imdb.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/libremdb.conf; } diff --git a/conf.d/libretranslate.conf b/conf.d/libretranslate.conf index 10ae911..c4d9008 100644 --- a/conf.d/libretranslate.conf +++ b/conf.d/libretranslate.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; server_name lt.vern.cc libretranslate.vern.cc; - include snippets/headers.conf; include common/libretranslate.conf; } server { diff --git a/conf.d/mail.vern.cc.conf b/conf.d/mail.vern.cc.conf index a74affe..d74727e 100644 --- a/conf.d/mail.vern.cc.conf +++ b/conf.d/mail.vern.cc.conf @@ -28,7 +28,6 @@ server { server_name mail.vern.cc; include snippets/lets-encrypt.conf; -# include snippets/headers.conf; include common/mail.conf; ssl_protocols TLSv1.2 TLSv1.3; } diff --git a/conf.d/mastodon.conf b/conf.d/mastodon.conf index feb7deb..025770f 100644 --- a/conf.d/mastodon.conf +++ b/conf.d/mastodon.conf @@ -47,7 +47,6 @@ server { if ($https = '') { return 301 https://$host$request_uri; } # if not connected to HTTPS, perma-redirect to HTTPS include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/mastodon.conf; } diff --git a/conf.d/matrixto.conf b/conf.d/matrixto.conf index 8be190f..160db8f 100644 --- a/conf.d/matrixto.conf +++ b/conf.d/matrixto.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name mto.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/matrixto.conf; } diff --git a/conf.d/mirror.conf b/conf.d/mirror.conf index a6dec39..44122b2 100644 --- a/conf.d/mirror.conf +++ b/conf.d/mirror.conf @@ -36,7 +36,6 @@ server { ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; ssl_prefer_server_ciphers off; - include snippets/headers.conf; server_name mirror.vern.cc mirrors.vern.cc; location /nav.html { diff --git a/conf.d/morss.conf b/conf.d/morss.conf index bf64227..4c58daa 100644 --- a/conf.d/morss.conf +++ b/conf.d/morss.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name morss.vern.cc; include common/morss.conf; } diff --git a/conf.d/nextcloud.conf b/conf.d/nextcloud.conf index e573966..254fdfb 100644 --- a/conf.d/nextcloud.conf +++ b/conf.d/nextcloud.conf @@ -19,7 +19,6 @@ server { listen 443 ssl http2; server_name nc.vern.cc nextcloud.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/nextcloud.conf; } diff --git a/conf.d/nitter.conf b/conf.d/nitter.conf index 5e06190..1749790 100644 --- a/conf.d/nitter.conf +++ b/conf.d/nitter.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name nt.vern.cc nitter.vern.cc twitter.vern.cc; include common/nitter.conf; } diff --git a/conf.d/owncast.conf b/conf.d/owncast.conf index 3fc7f0b..ae03447 100644 --- a/conf.d/owncast.conf +++ b/conf.d/owncast.conf @@ -23,7 +23,6 @@ server { listen [::]:443 ssl http2; server_name live.vern.cc owncast.vern.cc oc.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/owncast.conf; } diff --git a/conf.d/privatebin.conf b/conf.d/privatebin.conf index e4b89d2..5ff0536 100644 --- a/conf.d/privatebin.conf +++ b/conf.d/privatebin.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name pb.vern.cc privatebin.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/privatebin.conf; } diff --git a/conf.d/proxitok.conf b/conf.d/proxitok.conf index 2594a3a..2b286a3 100644 --- a/conf.d/proxitok.conf +++ b/conf.d/proxitok.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name tt.vern.cc proxitok.vern.cc tiktok.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/proxitok.conf; } diff --git a/conf.d/quetre.conf b/conf.d/quetre.conf index 0b52e31..d1e1fcd 100644 --- a/conf.d/quetre.conf +++ b/conf.d/quetre.conf @@ -22,7 +22,6 @@ server { listen [::]:443 ssl http2; server_name qr.vern.cc quora.vern.cc quetre.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/quetre.conf; } diff --git a/conf.d/rimgo.conf b/conf.d/rimgo.conf index 6a297c1..4e4f601 100644 --- a/conf.d/rimgo.conf +++ b/conf.d/rimgo.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name rg.vern.cc rimgo.vern.cc imgur.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/rimgo.conf; } diff --git a/conf.d/riot.conf b/conf.d/riot.conf index 97ae295..2a6e29b 100644 --- a/conf.d/riot.conf +++ b/conf.d/riot.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name riot.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/riot.conf; } diff --git a/conf.d/roundcube.conf b/conf.d/roundcube.conf index 3ef93e2..ab4620f 100644 --- a/conf.d/roundcube.conf +++ b/conf.d/roundcube.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name rc.vern.cc roundcube.vern.cc wm.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/roundcube.conf; } diff --git a/conf.d/scribe.conf b/conf.d/scribe.conf index 828ea4b..5eed2f7 100644 --- a/conf.d/scribe.conf +++ b/conf.d/scribe.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name sc.vern.cc scribe.vern.cc medium.vern.cc; include common/scribe.conf; } diff --git a/conf.d/simpleertube.conf b/conf.d/simpleertube.conf index 2a57ac0..1f336d3 100644 --- a/conf.d/simpleertube.conf +++ b/conf.d/simpleertube.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name st.vern.cc simpleertube.vern.cc; include common/simpleertube.conf; } diff --git a/conf.d/simplytranslate.conf b/conf.d/simplytranslate.conf index 5c12130..45caa5d 100644 --- a/conf.d/simplytranslate.conf +++ b/conf.d/simplytranslate.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name translate.vern.cc tl.vern.cc simplytranslate.vern.cc; include common/simplytranslate.conf; } diff --git a/conf.d/teddit.conf b/conf.d/teddit.conf index 3fd9e2e..cc57527 100644 --- a/conf.d/teddit.conf +++ b/conf.d/teddit.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name td.vern.cc teddit.vern.cc; include common/teddit.conf; } diff --git a/conf.d/torproject.conf b/conf.d/torproject.conf index 4075d72..4ec8e4e 100644 --- a/conf.d/torproject.conf +++ b/conf.d/torproject.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name torproject.vern.cc; include common/torproject.conf; diff --git a/conf.d/vikunja.conf b/conf.d/vikunja.conf index 1a91a3a..fdba7d1 100644 --- a/conf.d/vikunja.conf +++ b/conf.d/vikunja.conf @@ -21,7 +21,6 @@ server { listen [::]:443 ssl http2; server_name vk.vern.cc todo.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/vikunja.conf; } server { diff --git a/conf.d/whoogle.conf b/conf.d/whoogle.conf index 4d6f7b7..0c06fa7 100644 --- a/conf.d/whoogle.conf +++ b/conf.d/whoogle.conf @@ -16,7 +16,6 @@ server { listen [::]:443 ssl http2; server_name whoogle.vern.cc wg.vern.cc; include snippets/lets-encrypt.conf; - #include snippets/headers.conf; include common/whoogle.conf; } diff --git a/conf.d/wiby.conf b/conf.d/wiby.conf index 1aaa580..cee829f 100644 --- a/conf.d/wiby.conf +++ b/conf.d/wiby.conf @@ -17,7 +17,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name wb.vern.cc wiby.vern.cc; include common/wiby.conf; } diff --git a/conf.d/wikiless.conf b/conf.d/wikiless.conf index 7a975a1..7676fb6 100644 --- a/conf.d/wikiless.conf +++ b/conf.d/wikiless.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name wl.vern.cc wikiless.vern.cc wikipedia.vern.cc; include common/wikiless.conf; } diff --git a/conf.d/yacy.conf b/conf.d/yacy.conf index 94dcef3..51d5e53 100644 --- a/conf.d/yacy.conf +++ b/conf.d/yacy.conf @@ -35,7 +35,6 @@ server { server_name yc.vern.cc yacy.vern.cc; include snippets/lets-encrypt.conf; - include snippets/headers.conf; include common/yacy.conf; diff --git a/conf.d/znc.conf b/conf.d/znc.conf index b0e749e..48e7a60 100644 --- a/conf.d/znc.conf +++ b/conf.d/znc.conf @@ -20,7 +20,6 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; include snippets/lets-encrypt.conf; - include snippets/headers.conf; server_name znc.vern.cc; include common/znc.conf; } diff --git a/snippets/headers.conf b/snippets/headers.conf deleted file mode 100644 index 2ac7096..0000000 --- a/snippets/headers.conf +++ /dev/null @@ -1,6 +0,0 @@ -add_header X-Content-Type-Options "nosniff" always; -add_header X-XSS-Protection "1; mode=block" always; -#add_header Content-Security-Policy "default-src 'self'; font-src 'self'; img-src 'self' https://i.creativecommons.org/ https://licensebuttons.net/; style-src 'self' 'unsafe-inline'" always; -add_header X-Frame-Options "SAMEORIGIN" always; -# intermediate configuration -add_header Referrer-Policy "same-origin" always;