mirror of https://github.com/offen/website.git synced 2024-12-24 13:50:22 +01:00

Merge pull request #111 from offen/development

Fix blog links, add Content-Security-Policy
Frederik Ring 2020-08-27 09:24:11 +02:00 committed by GitHub
commit 61b91b42c6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 11 additions and 74 deletions


@ -1,12 +0,0 @@
account_users:
- email: develop@offen.dev
password: develop
accounts:
- 9b63c4d8-65c0-438c-9d30-cc4b01173393
- 78403940-ae4f-4aff-a395-1e90f145cf62
accounts:
- name: offen.dev
id: 9b63c4d8-65c0-438c-9d30-cc4b01173393
- name: Other
id: 78403940-ae4f-4aff-a395-1e90f145cf62


@ -1,16 +1,9 @@
version: '3'
services:
proxy:
image: nginx:1.17-alpine
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- 8000:80
depends_on:
- homepage
homepage:
ports:
- 8000:8000
build:
context: '.'
dockerfile: ./Dockerfile.python
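Review bot: The `8000:8000` mapping under `homepage` publishes the container port on every host interface, and with the nginx `proxy` service gone from this file the Python server is reached directly rather than through a front end. The +/- markers are lost on this page, so this assumes the mapping is on the new side; it could not have coexisted with the proxy's `8000:80`. If this compose file is only used for local development, bind it to loopback and quote the value: `- '127.0.0.1:8000:8000'`.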


@ -18,7 +18,7 @@
<article class="w-100 mt5-m mt0-l gray">
<div class="mw8 center pv5 ph3 ph5-m pr0-l pl5-l bg-white">
<figure class="larger-image mb4">
<a href="{{ article.slug }}">
<a href="/blog/{{ article.slug }}/">
<img alt="{{ article.title }}" src="{{ article.image_url }}"/>
</a>
</figure>
@ -26,10 +26,10 @@
{{ article.date | strftime('%d %b %Y') }}{% if article.modified %}(article.updated {{ article.modified | strftime('%d %b %Y') }}){% endif %}, {{ article.author }}
</h6>
<h1 class="f26 normal lh-title mt3 ma0 mb3 light-silver">
<a href="{{ article.slug }}" class="link b dim gray">{{ article.title }}</a>
<a href="/blog/{{ article.slug }}/" class="link b dim gray">{{ article.title }}</a>
</h1>
<p class="">
{{ article.description }} <a href="{{ article.slug }}" class="link b dim gray">Read more</a>
<p>
{{ article.description }} <a href="/blog/{{ article.slug }}/" class="link b dim gray">Read more</a>
</p>
</div>
</article>
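Review bot: The new hrefs hard-code the `/blog/` prefix and trailing slash around `{{ article.slug }}` in three places (figure link, heading link and "Read more"), which duplicates the URL pattern the site generator is configured with and will drift if that pattern changes. If this is a Pelican theme, as the nginx comment elsewhere on this page suggests, the article's own URL can be used instead, e.g. `<a href="{{ SITEURL }}/{{ article.url }}">`, assuming the configured article URL already yields `blog/<slug>/`. The enclosing template loop starts and ends outside these hunks.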


@ -6,6 +6,7 @@
{% block title %}{{ title }}{% endblock %}
</title>
<meta charset="UTF-8">
<meta http-equiv="Content-Security-Policy" content="default-src 'self' *; script-src 'self' *.offen.dev; frame-src 'self' *.offen.dev">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=5">
<meta name="description" content="{{ description }}">
@ -135,7 +136,7 @@
<div class="mw7 center flex flex-wrap ph5-ns">
<div class="w-100 w-50-l">
<figure class="ma0 pr3-l mb3 mb0-l">
<a href="/blog/privacy-friendly-and-fair-web">
<a href="/blog/privacy-friendly-and-fair-web/">
<img alt="Let's build a web that is privacy friendly and fair" src="/theme/images/offen-blog-0080-beta.jpg">
</a>
</figure>
@ -143,7 +144,7 @@
<div class="w-100 w-50-l cclr-bg-yellow-mid">
<div class="pl3-l">
<h3 class="f3 normal lh-title ma0 mb2">
<a href="/blog/privacy-friendly-and-fair-web" class="link b dim cclr-fnt-black-mid">Let's build a web that is privacy friendly and fair</a>
<a href="/blog/privacy-friendly-and-fair-web/" class="link b dim cclr-fnt-black-mid">Let's build a web that is privacy friendly and fair</a>
</h3>
<p class="ma0">
What does the term 'privacy friendly' actually stand for? Mostly it's just about technical issues that don't tackle the underlying problem. <a href="/blog/privacy-friendly-and-fair-web" class="link b dim cclr-fnt-black-mid">Read more</a>
@ -162,7 +163,7 @@
<div class="mw7 center flex flex-wrap ph5-ns">
<div class="w-100 w-50-l">
<figure class="ma0 pr3-l mb3 mb0-l">
<a href="/blog/hosting-offen-on-budget">
<a href="/blog/hosting-offen-on-budget/">
<img alt="Hosting Offen on a budget" src="/theme/images/offen-blog-0070-budget.jpg">
</a>
</figure>
@ -170,7 +171,7 @@
<div class="w-100 w-50-l cclr-bg-yellow-mid">
<div class="pl3-l">
<h3 class="f3 normal lh-title ma0 mb2">
<a href="/blog/hosting-offen-on-budget" class="link b dim cclr-fnt-black-mid">Hosting Offen on a budget</a>
<a href="/blog/hosting-offen-on-budget/" class="link b dim cclr-fnt-black-mid">Hosting Offen on a budget</a>
</h3>
<p class="ma0">
Here are some real world options for hosting Offen on a budget. Let's compare how they relate in terms of ease of deployment, performance and pricing. <a href="/blog/hosting-offen-on-budget" class="link b dim cclr-fnt-black-mid">Read more</a>
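Review bot: In the first hunk, `default-src 'self' *` in the added Content-Security-Policy meta tag leaves every fetch type without its own directive (images, styles, fonts, connect, object) open to any network origin, so the policy effectively constrains only scripts and frames. `base-uri` and `form-action` do not fall back to `default-src` and stay unrestricted. Consider `default-src 'self'; script-src 'self' *.offen.dev; frame-src 'self' *.offen.dev; object-src 'none'; base-uri 'self'`, adding explicit hosts under `img-src` or `font-src` only where the pages really load third-party assets. A policy delivered through `<meta http-equiv>` also cannot carry `frame-ancestors`, `sandbox` or reporting directives. It does not replace the `X-Content-Type-Options`, `Referrer-Policy` and `Strict-Transport-Security` headers that the nginx config deleted in this commit was sending, so confirm the production front end still sets those.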


@ -1,45 +0,0 @@
events {}
http {
include mime.types;
upstream homepage {
server homepage:8000;
}
map $request_uri $expires {
default off;
"~-[0-9a-z]{10}\.js$" 1d;
"~*(woff|woff2|ttf|eot)$" 1d;
}
map $sent_http_content_type $csp {
default "";
"~^text/html" "default-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'";
}
server {
listen 80;
expires $expires;
add_header Content-Security-Policy $csp;
add_header Strict-Transport-Security 'max-age=604800; includeSubDomains';
add_header Referrer-Policy 'origin-when-cross-origin';
add_header X-Content-Type-Options 'nosniff';
add_header X-XSS-Protection '1; mode=block';
location / {
proxy_pass http://homepage;
proxy_redirect off;
}
error_page 404 /custom_404.html;
# in development, this handles empty responses by the pelican dev server which are 404s in the end
error_page 502 /custom_404.html;
location = /custom_404.html {
internal;
proxy_pass http://homepage/404.html;
proxy_redirect off;
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive" always;
}
}
}