Commits

Etienne Perot committed 6323174

Add etienneperot.com and etienneperot.name domain aliases

  • Participants
  • Parent commits 58fc28f

Comments (0)

Files changed (1)

 ssl_session_cache                        shared:SSL:20m;
 ssl_session_timeout                      20m;
-server {
+server { # Main server block
 	listen                           [::]:443 default_server ssl;
 	ssl_certificate                  /etc/ssl/private/perot.me.unified.crt;
 	ssl_certificate_key              /etc/ssl/private/perot.me.key;
 	server_name                      perot.me *.perot.me;
 	root                             /home/perot/www;
 	add_header                       Strict-Transport-Security "max-age=8640000, includeSubDomains";
+	add_header                       X-Frame-Options deny; # Nope, no frames here
 	# Disabled because Firefox doesn't support 'unsafe-inline' properly.
 	#add_header                       Content-Security-Policy   "default-src https://perot.me; script-src https://perot.me 'unsafe-inline'";
 	#add_header                       X-Content-Security-Policy "default-src https://perot.me; script-src https://perot.me 'unsafe-inline'";
 	}
 	try_files                        /posts$uri.html /posts$uri.md /posts$uri $uri.html $uri.md $uri/ $uri =404;
 }
-server {
+
+server { # Redirect to HTTPS version, and set STS header
 	listen                           [::]:80;
 	server_name                      perot.me *.perot.me;
 	add_header                       Cache-Control public;
 	add_header                       Strict-Transport-Security "max-age=8640000, includeSubDomains";
 	rewrite                          ^ https://$server_name$request_uri? permanent;
 }
+
+server { # Domain aliases
+	listen                           [::]:80;
+	server_name                      etienneperot.com *.etienneperot.com etienneperot.name *.etienneperot.name;
+	add_header                       Cache-Control public;
+	rewrite                          ^ https://perot.me$request_uri? permanent;
+}