diff --git a/roles/mastodon/templates/default.conf b/roles/mastodon/templates/default.conf index d8620a1..f8f2997 100644 --- a/roles/mastodon/templates/default.conf +++ b/roles/mastodon/templates/default.conf @@ -36,11 +36,18 @@ server { try_files $uri @proxy; } - location ~ ^/(assets|avatars|emoji|headers|packs|shortcuts|sounds|system)/ { + location ~ ^/(assets|avatars|emoji|headers|packs|shortcuts|sounds)/ { add_header Cache-Control "public, max-age=2419200, must-revalidate"; try_files $uri @proxy; } + location ~ ^/system/ { + add_header Cache-Control "public, max-age=2419200, immutable"; + add_header X-Content-Type-Options nosniff; + add_header Content-Security-Policy "default-src 'none'; form-action 'none'"; + try_files $uri @proxy; + } + location /sw.js { add_header Cache-Control "public, max-age=604800, must-revalidate"; try_files $uri @proxy;