diff --git a/static/Caddyfile b/static/Caddyfile deleted file mode 100644 index d2f4bee..0000000 --- a/static/Caddyfile +++ /dev/null @@ -1,63 +0,0 @@ -{ - # fly.io handles HTTPS for us - auto_https off -} - -http://static-mat-services.fly.dev { - redir https://mat.services -} - -:8080 { - root * {$SITE_ROOT} - encode gzip - file_server - - handle_errors { - @404 { - expression {http.error.status_code} == 404 - } - rewrite @404 /404.html - file_server - } - - header { - # disable FLoC tracking - Permissions-Policy interest-cohort=() - # enable HSTS - # currently ramping up max-age as per https://hstspreload.org/ - Strict-Transport-Security max-age=2592000; includeSubDomains - # disable clients from sniffing the media type - X-Content-Type-Options nosniff - # clickjacking protection - X-Frame-Options DENY - # keep referrer data off of HTTP connections - Referrer-Policy no-referrer - # content security policy - # style-src 'unsafe-inline': syntax highlighting in codefences - # sandbox allow-popups: enable target="_blank" links to open in new tabs - Content-Security-Policy "default-src 'none'; - img-src 'self' https://stats.mat.services; - style-src 'self' 'unsafe-inline'; - font-src 'self'; - script-src 'self' https://stats.mat.services; - form-action 'none'; - frame-ancestors 'none'; - base-uri 'none'; - upgrade-insecure-requests; - sandbox - allow-same-origin - allow-scripts - allow-popups - allow-popups-to-escape-sandbox" - } - - # caching - @static { - path *.bmp *.jpg *.png *.svg *.gif *.pdf *.css *.js *.woff *.woff2 /style/* /font/* /image/* - } - route { - header @static Cache-Control max-age=31536000, immutable - header *.xml Cache-Control max-age=0 - header ?Cache-Control max-age=360 - } -} diff --git a/static/Dockerfile b/static/Dockerfile deleted file mode 100644 index 751efd1..0000000 --- a/static/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM nixos/nix:latest - -WORKDIR /code -RUN nix \ - --extra-experimental-features nix-command \ - --extra-experimental-features flakes \ - build git+https://git.mat.services/mat/mat.services - -FROM caddy:latest - -ENV SITE_ROOT /var/www - -COPY Caddyfile /etc/caddy/Caddyfile -COPY --from=0 /code/result ${SITE_ROOT} -RUN caddy \ No newline at end of file diff --git a/static/fly.toml b/static/fly.toml deleted file mode 100644 index 31dbfda..0000000 --- a/static/fly.toml +++ /dev/null @@ -1,38 +0,0 @@ -# fly.toml file generated for static-mat-services on 2022-08-08T01:01:25-04:00 - -app = "static-mat-services" -kill_signal = "SIGINT" -kill_timeout = 5 -processes = [] - -[env] - -[experimental] - allowed_public_ports = [] - auto_rollback = true - -[[services]] - http_checks = [] - internal_port = 8080 - processes = ["app"] - protocol = "tcp" - script_checks = [] - [services.concurrency] - hard_limit = 25 - soft_limit = 20 - type = "connections" - - [[services.ports]] - force_https = true - handlers = ["http"] - port = 80 - - [[services.ports]] - handlers = ["tls", "http"] - port = 443 - - [[services.tcp_checks]] - grace_period = "1s" - interval = "15s" - restart_limit = 0 - timeout = "2s"