ciphers ECDHE-ECDSA-WITH-CHACHA20-POLY1305 ECDHE-RSA-WITH-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256
}
- header / {
- Strict-Transport-Security "max-age=31536000; includeSubDomains;"
- Expect-CT "enforce, max-age=2592000"
- }
-
# If you do not want to use the mediaproxy function, remove these lines.
# To use this directive, you need the http.cache plugin for Caddy.
cache {
SSLCompression off
SSLSessionTickets off
- # Uncomment this only after you get HTTPS working.
- # Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
-
RewriteEngine On
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
client_max_body_size 16m;
location / {
- # Uncomment this only after you get HTTPS working.
- # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
-
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
set bereq.http.connection = req.http.connection;
}
}
-
-sub vcl_deliver {
- # Uncomment this only after you get HTTPS working.
- # set resp.http.Strict-Transport-Security= "max-age=31536000; includeSubDomains";
-}