mat.services/netlify.toml

[build]
  command = "zola build --drafts"
  publish = "public/"

[dev]
  command = "zola serve --drafts"
  publish = "public/"
  port = 1111

[[redirects]]
  from = "https://mat-services.netlify.app/*"
  to = "https://mat.services/:splat"
  force = true

[[headers]]
  for = "/*"

  [headers.values]
		# disable FLoC tracking
    Permissions-Policy = "interest-cohort=()"
    # enable HSTS
    Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
    # disable clients from sniffing the media type
    X-Content-Type-Options = "nosniff"
    # clickjacking protection
    X-Frame-Options = "DENY"
    # keep referrer data off of HTTP connections
    Referrer-Policy = "no-referrer"
    # content security policy
		# style-src 'unsafe-inline': syntax highlighting in codefences
		# sandbox allow-popups: enable target="_blank" links to open in new tabs
		Content-Security-Policy = '''
    default-src 'none';
    img-src 'self' https://mat.services https://stats.mat.services;
    style-src 'self' https://mat.services 'unsafe-inline';
    font-src 'self' https://mat.services;
    script-src 'self' https://mat.services https://stats.mat.services;
    form-action 'none';
    frame-ancestors 'none';
    base-uri 'none';
    upgrade-insecure-requests;
    sandbox
      allow-same-origin
      allow-scripts
      allow-popups 
      allow-popups-to-escape-sandbox
    '''
Fly -> Netlify, drop some Nix code 2022-10-11 17:09:21 +00:00			`[build]`
Fix 404 2022-10-17 02:33:04 +00:00			`command = "zola build --drafts"`
Fly -> Netlify, drop some Nix code 2022-10-11 17:09:21 +00:00			`publish = "public/"`

			`[dev]`
			`command = "zola serve --drafts"`
			`publish = "public/"`
			`port = 1111`

			`[[redirects]]`
			`from = "https://mat-services.netlify.app/*"`
			`to = "https://mat.services/:splat"`
			`force = true`

			`[[headers]]`
			`for = "/*"`

			`[headers.values]`
			`# disable FLoC tracking`
			`Permissions-Policy = "interest-cohort=()"`
			`# enable HSTS`
			`Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"`
			`# disable clients from sniffing the media type`
			`X-Content-Type-Options = "nosniff"`
			`# clickjacking protection`
			`X-Frame-Options = "DENY"`
			`# keep referrer data off of HTTP connections`
			`Referrer-Policy = "no-referrer"`
			`# content security policy`
			`# style-src 'unsafe-inline': syntax highlighting in codefences`
			`# sandbox allow-popups: enable target="_blank" links to open in new tabs`
			`Content-Security-Policy = '''`
			`default-src 'none';`
			`img-src 'self' https://mat.services https://stats.mat.services;`
			`style-src 'self' https://mat.services 'unsafe-inline';`
			`font-src 'self' https://mat.services;`
			`script-src 'self' https://mat.services https://stats.mat.services;`
			`form-action 'none';`
			`frame-ancestors 'none';`
			`base-uri 'none';`
			`upgrade-insecure-requests;`
			`sandbox`
			`allow-same-origin`
			`allow-scripts`
			`allow-popups`
			`allow-popups-to-escape-sandbox`
			`'''`