Added hardening settings.

1 files changed, 8 insertions, 2 deletions

diff --git a/roles/pleroma/templates/prod.secret.exs.j2 b/roles/pleroma/templates/prod.secret.exs.j2
index 85b0bbb..c9b292d 100644
--- a/roles/pleroma/templates/prod.secret.exs.j2
+++ b/roles/pleroma/templates/prod.secret.exs.j2
@@ -2,8 +2,14 @@ use Mix.Config
 
 config :pleroma, Pleroma.Web.Endpoint,
    url: [host: "{{pleroma_link_host}}", scheme: "{{pleroma_link_scheme}}", port: {{pleroma_link_port}}],
-   http: [port: {{pleroma_port}}],
-   secret_key_base: "{{pleroma_secret_key}}"
+   http: [port: {{pleroma_port}}, ip: {127, 0, 0, 1}],
+   secret_key_base: "{{pleroma_secret_key}}",
+   secure_cookie_flag: true,
+   http_security: true
+
+config :pleroma, :http_security,
+  sts: true,
+  referrer_policy: "same-origin"
 
 config :pleroma, :instance,
   name: "{{pleroma_instance_name}}",