mirror of
https://github.com/offen/website.git
synced 2024-11-23 09:20:33 +01:00
Merge pull request #111 from offen/development
Fix blog links, add Content-Security-Policy
This commit is contained in:
commit
61b91b42c6
@ -1,12 +0,0 @@
|
|||||||
account_users:
|
|
||||||
- email: develop@offen.dev
|
|
||||||
password: develop
|
|
||||||
accounts:
|
|
||||||
- 9b63c4d8-65c0-438c-9d30-cc4b01173393
|
|
||||||
- 78403940-ae4f-4aff-a395-1e90f145cf62
|
|
||||||
|
|
||||||
accounts:
|
|
||||||
- name: offen.dev
|
|
||||||
id: 9b63c4d8-65c0-438c-9d30-cc4b01173393
|
|
||||||
- name: Other
|
|
||||||
id: 78403940-ae4f-4aff-a395-1e90f145cf62
|
|
@ -1,16 +1,9 @@
|
|||||||
version: '3'
|
version: '3'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
proxy:
|
|
||||||
image: nginx:1.17-alpine
|
|
||||||
volumes:
|
|
||||||
- ./nginx.conf:/etc/nginx/nginx.conf
|
|
||||||
ports:
|
|
||||||
- 8000:80
|
|
||||||
depends_on:
|
|
||||||
- homepage
|
|
||||||
|
|
||||||
homepage:
|
homepage:
|
||||||
|
ports:
|
||||||
|
- 8000:8000
|
||||||
build:
|
build:
|
||||||
context: '.'
|
context: '.'
|
||||||
dockerfile: ./Dockerfile.python
|
dockerfile: ./Dockerfile.python
|
||||||
|
@ -18,7 +18,7 @@
|
|||||||
<article class="w-100 mt5-m mt0-l gray">
|
<article class="w-100 mt5-m mt0-l gray">
|
||||||
<div class="mw8 center pv5 ph3 ph5-m pr0-l pl5-l bg-white">
|
<div class="mw8 center pv5 ph3 ph5-m pr0-l pl5-l bg-white">
|
||||||
<figure class="larger-image mb4">
|
<figure class="larger-image mb4">
|
||||||
<a href="{{ article.slug }}">
|
<a href="/blog/{{ article.slug }}/">
|
||||||
<img alt="{{ article.title }}" src="{{ article.image_url }}"/>
|
<img alt="{{ article.title }}" src="{{ article.image_url }}"/>
|
||||||
</a>
|
</a>
|
||||||
</figure>
|
</figure>
|
||||||
@ -26,10 +26,10 @@
|
|||||||
{{ article.date | strftime('%d %b %Y') }}{% if article.modified %}(article.updated {{ article.modified | strftime('%d %b %Y') }}){% endif %}, {{ article.author }}
|
{{ article.date | strftime('%d %b %Y') }}{% if article.modified %}(article.updated {{ article.modified | strftime('%d %b %Y') }}){% endif %}, {{ article.author }}
|
||||||
</h6>
|
</h6>
|
||||||
<h1 class="f26 normal lh-title mt3 ma0 mb3 light-silver">
|
<h1 class="f26 normal lh-title mt3 ma0 mb3 light-silver">
|
||||||
<a href="{{ article.slug }}" class="link b dim gray">{{ article.title }}</a>
|
<a href="/blog/{{ article.slug }}/" class="link b dim gray">{{ article.title }}</a>
|
||||||
</h1>
|
</h1>
|
||||||
<p class="">
|
<p>
|
||||||
{{ article.description }} <a href="{{ article.slug }}" class="link b dim gray">Read more</a>
|
{{ article.description }} <a href="/blog/{{ article.slug }}/" class="link b dim gray">Read more</a>
|
||||||
</p>
|
</p>
|
||||||
</div>
|
</div>
|
||||||
</article>
|
</article>
|
||||||
|
@ -6,6 +6,7 @@
|
|||||||
{% block title %}{{ title }}{% endblock %}
|
{% block title %}{{ title }}{% endblock %}
|
||||||
</title>
|
</title>
|
||||||
<meta charset="UTF-8">
|
<meta charset="UTF-8">
|
||||||
|
<meta http-equiv="Content-Security-Policy" content="default-src 'self' *; script-src 'self' *.offen.dev; frame-src 'self' *.offen.dev">
|
||||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=5">
|
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=5">
|
||||||
<meta name="description" content="{{ description }}">
|
<meta name="description" content="{{ description }}">
|
||||||
@ -135,7 +136,7 @@
|
|||||||
<div class="mw7 center flex flex-wrap ph5-ns">
|
<div class="mw7 center flex flex-wrap ph5-ns">
|
||||||
<div class="w-100 w-50-l">
|
<div class="w-100 w-50-l">
|
||||||
<figure class="ma0 pr3-l mb3 mb0-l">
|
<figure class="ma0 pr3-l mb3 mb0-l">
|
||||||
<a href="/blog/privacy-friendly-and-fair-web">
|
<a href="/blog/privacy-friendly-and-fair-web/">
|
||||||
<img alt="Let's build a web that is privacy friendly and fair" src="/theme/images/offen-blog-0080-beta.jpg">
|
<img alt="Let's build a web that is privacy friendly and fair" src="/theme/images/offen-blog-0080-beta.jpg">
|
||||||
</a>
|
</a>
|
||||||
</figure>
|
</figure>
|
||||||
@ -143,7 +144,7 @@
|
|||||||
<div class="w-100 w-50-l cclr-bg-yellow-mid">
|
<div class="w-100 w-50-l cclr-bg-yellow-mid">
|
||||||
<div class="pl3-l">
|
<div class="pl3-l">
|
||||||
<h3 class="f3 normal lh-title ma0 mb2">
|
<h3 class="f3 normal lh-title ma0 mb2">
|
||||||
<a href="/blog/privacy-friendly-and-fair-web" class="link b dim cclr-fnt-black-mid">Let's build a web that is privacy friendly and fair</a>
|
<a href="/blog/privacy-friendly-and-fair-web/" class="link b dim cclr-fnt-black-mid">Let's build a web that is privacy friendly and fair</a>
|
||||||
</h3>
|
</h3>
|
||||||
<p class="ma0">
|
<p class="ma0">
|
||||||
What does the term 'privacy friendly' actually stand for? Mostly it's just about technical issues that don't tackle the underlying problem. <a href="/blog/privacy-friendly-and-fair-web" class="link b dim cclr-fnt-black-mid">Read more</a>
|
What does the term 'privacy friendly' actually stand for? Mostly it's just about technical issues that don't tackle the underlying problem. <a href="/blog/privacy-friendly-and-fair-web" class="link b dim cclr-fnt-black-mid">Read more</a>
|
||||||
@ -162,7 +163,7 @@
|
|||||||
<div class="mw7 center flex flex-wrap ph5-ns">
|
<div class="mw7 center flex flex-wrap ph5-ns">
|
||||||
<div class="w-100 w-50-l">
|
<div class="w-100 w-50-l">
|
||||||
<figure class="ma0 pr3-l mb3 mb0-l">
|
<figure class="ma0 pr3-l mb3 mb0-l">
|
||||||
<a href="/blog/hosting-offen-on-budget">
|
<a href="/blog/hosting-offen-on-budget/">
|
||||||
<img alt="Hosting Offen on a budget" src="/theme/images/offen-blog-0070-budget.jpg">
|
<img alt="Hosting Offen on a budget" src="/theme/images/offen-blog-0070-budget.jpg">
|
||||||
</a>
|
</a>
|
||||||
</figure>
|
</figure>
|
||||||
@ -170,7 +171,7 @@
|
|||||||
<div class="w-100 w-50-l cclr-bg-yellow-mid">
|
<div class="w-100 w-50-l cclr-bg-yellow-mid">
|
||||||
<div class="pl3-l">
|
<div class="pl3-l">
|
||||||
<h3 class="f3 normal lh-title ma0 mb2">
|
<h3 class="f3 normal lh-title ma0 mb2">
|
||||||
<a href="/blog/hosting-offen-on-budget" class="link b dim cclr-fnt-black-mid">Hosting Offen on a budget</a>
|
<a href="/blog/hosting-offen-on-budget/" class="link b dim cclr-fnt-black-mid">Hosting Offen on a budget</a>
|
||||||
</h3>
|
</h3>
|
||||||
<p class="ma0">
|
<p class="ma0">
|
||||||
Here are some real world options for hosting Offen on a budget. Let's compare how they relate in terms of ease of deployment, performance and pricing. <a href="/blog/hosting-offen-on-budget" class="link b dim cclr-fnt-black-mid">Read more</a>
|
Here are some real world options for hosting Offen on a budget. Let's compare how they relate in terms of ease of deployment, performance and pricing. <a href="/blog/hosting-offen-on-budget" class="link b dim cclr-fnt-black-mid">Read more</a>
|
||||||
|
45
nginx.conf
45
nginx.conf
@ -1,45 +0,0 @@
|
|||||||
events {}
|
|
||||||
|
|
||||||
http {
|
|
||||||
include mime.types;
|
|
||||||
|
|
||||||
upstream homepage {
|
|
||||||
server homepage:8000;
|
|
||||||
}
|
|
||||||
|
|
||||||
map $request_uri $expires {
|
|
||||||
default off;
|
|
||||||
"~-[0-9a-z]{10}\.js$" 1d;
|
|
||||||
"~*(woff|woff2|ttf|eot)$" 1d;
|
|
||||||
}
|
|
||||||
|
|
||||||
map $sent_http_content_type $csp {
|
|
||||||
default "";
|
|
||||||
"~^text/html" "default-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'";
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
expires $expires;
|
|
||||||
add_header Content-Security-Policy $csp;
|
|
||||||
add_header Strict-Transport-Security 'max-age=604800; includeSubDomains';
|
|
||||||
add_header Referrer-Policy 'origin-when-cross-origin';
|
|
||||||
add_header X-Content-Type-Options 'nosniff';
|
|
||||||
add_header X-XSS-Protection '1; mode=block';
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_pass http://homepage;
|
|
||||||
proxy_redirect off;
|
|
||||||
}
|
|
||||||
|
|
||||||
error_page 404 /custom_404.html;
|
|
||||||
# in development, this handles empty responses by the pelican dev server which are 404s in the end
|
|
||||||
error_page 502 /custom_404.html;
|
|
||||||
location = /custom_404.html {
|
|
||||||
internal;
|
|
||||||
proxy_pass http://homepage/404.html;
|
|
||||||
proxy_redirect off;
|
|
||||||
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive" always;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
Loading…
Reference in New Issue
Block a user