31 lines
897 B
TOML
31 lines
897 B
TOML
|
[tls.options]
|
||
|
[tls.options.tls12]
|
||
|
minVersion = "VersionTLS12"
|
||
|
cipherSuites = [
|
||
|
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
|
||
|
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
|
||
|
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
|
||
|
"TLS_AES_256_GCM_SHA384",
|
||
|
"TLS_CHACHA20_POLY1305_SHA256"
|
||
|
]
|
||
|
curvePreferences = ["CurveP521","CurveP384"]
|
||
|
|
||
|
[http]
|
||
|
[http.middlewares.hardening.headers]
|
||
|
accessControlAllowOrigin = "origin-list-or-null"
|
||
|
accessControlMaxAge = 100
|
||
|
addVaryHeader = true
|
||
|
browserXssFilter = true
|
||
|
contentTypeNosniff = true
|
||
|
forceSTSHeader = true
|
||
|
frameDeny = true
|
||
|
stsIncludeSubdomains = true
|
||
|
stsPreload = true
|
||
|
customFrameOptionsValue = "SAMEORIGIN"
|
||
|
referrerPolicy = "same-origin"
|
||
|
featurePolicy = "vibrate 'self'"
|
||
|
stsSeconds = 315360000
|
||
|
|
||
|
[http.middlewares.compression.compress]
|
||
|
excludedContentTypes = ["text/event-stream"]
|