mirror of
https://github.com/monero-project/monero-docs.git
synced 2024-12-22 11:39:35 +00:00
plowsof
543f332da1
- Implemented various HTTP headers to enhance security and privacy Full credit to featherwallet.org for the header configuration + inspiration.
38 lines
1.4 KiB
Text
38 lines
1.4 KiB
Text
FROM python:3.9-slim AS builder
|
|
|
|
WORKDIR /monero-docs
|
|
|
|
COPY . /monero-docs
|
|
|
|
RUN pip install -r requirements.txt
|
|
|
|
RUN mkdocs build
|
|
|
|
FROM nginx:alpine
|
|
|
|
COPY --from=builder /monero-docs/public /usr/share/nginx/html
|
|
|
|
# Inline Nginx configuration
|
|
RUN echo 'server { \
|
|
listen 80; \
|
|
add_header Onion-Location http://xmrdoc6phnvjbf5hmjbwdfu47zavzfngymlnwhs2gyxxpxmad4c65kyd.onion$request_uri; \
|
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; \
|
|
add_header Referrer-Policy "no-referrer"; \
|
|
add_header X-XSS-Protection "0"; \
|
|
add_header X-Frame-Options "DENY"; \
|
|
add_header X-Content-Type-Options "nosniff"; \
|
|
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()"; \
|
|
root /usr/share/nginx/html; \
|
|
index index.html index.htm; \
|
|
error_page 404 /404.html; \
|
|
location = /404.html { \
|
|
internal; \
|
|
} \
|
|
location / { \
|
|
try_files $uri $uri/ =404; \
|
|
} \
|
|
}' > /etc/nginx/conf.d/default.conf
|
|
|
|
EXPOSE 80
|
|
|
|
CMD ["nginx", "-g", "daemon off;"]
|