--- a/pleroma-otp/templates/pleroma.cloudflare.nginx.conf.j2 Sun Apr 26 14:14:18 2020 -0500
+++ b/pleroma-otp/templates/pleroma.cloudflare.nginx.conf.j2 Sat May 02 18:37:45 2020 -0500
@@ -26,12 +26,7 @@
ssl_certificate {{nginx_ssl_cert}};
ssl_certificate_key {{nginx_ssl_privkey}};
- # include /etc/letsencrypt/options-ssl-nginx.conf;
- # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
-
ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
- ssl_stapling on;
- ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=31536000" always;
@@ -45,7 +40,17 @@
# the nginx default is 1m, not enough for large media uploads
client_max_body_size 16m;
+ root {{nginx_html_root}};
+
+ location = / {
+ index index.html;
+ }
+
location / {
+ try_files $uri @pleroma;
+ }
+
+ location @pleroma {
add_header X-XSS-Protection "1; mode=block";
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Frame-Options DENY;