From d742bdf9abe8d5ea6e0e065645cfb925834ce71d Mon Sep 17 00:00:00 2001 From: Asif Bacchus Date: Thu, 7 Jan 2021 15:04:04 -0700 Subject: [PATCH] refactor(CONFIG): update sample configuration defaults --- config/buffers.conf | 2 +- config/cfResolver.conf | 3 +++ config/readme | 8 ++++---- snippets/headersSecurity.conf | 4 ++++ 4 files changed, 12 insertions(+), 5 deletions(-) create mode 100644 config/cfResolver.conf diff --git a/config/buffers.conf b/config/buffers.conf index 466ba99..07bdcc3 100644 --- a/config/buffers.conf +++ b/config/buffers.conf @@ -1,4 +1,4 @@ client_body_buffer_size 16k; -client_max_body_size 10M; client_header_buffer_size 1k; large_client_header_buffers 4 8k; +client_max_body_size 10M; \ No newline at end of file diff --git a/config/cfResolver.conf b/config/cfResolver.conf new file mode 100644 index 0000000..f67cba0 --- /dev/null +++ b/config/cfResolver.conf @@ -0,0 +1,3 @@ +resolver + 1.1.1.1 + 1.0.0.1; \ No newline at end of file diff --git a/config/readme b/config/readme index edde12e..d5a385c 100644 --- a/config/readme +++ b/config/readme @@ -1,9 +1,9 @@ - Place all your configuration customization files in this directory - feel free to edit the included recommended files - - files here override container settings including nginx.conf + - files here override container settings - Files here are placed in the HTTP configuration context - ONLY files that end with '.conf' will be processed! - - if you want to keep a file for reference or disable it temporarily, + - if you want to keep a file for reference or disable it temporarily, simply change the extension. I like using '.conf.disabled'. -- If you don't want to use this directory or these settings, you can bind-mount - any other directory you want to '/etc/nginx/config/' +- If you don't want to use this directory or these settings, you can bind-mount + any other directory you want to '/etc/nginx/config/' \ No newline at end of file diff --git a/snippets/headersSecurity.conf b/snippets/headersSecurity.conf index 834a875..a1b958a 100644 --- a/snippets/headersSecurity.conf +++ b/snippets/headersSecurity.conf @@ -1,3 +1,7 @@ +# these are common security headers that you can easily add to locations or +# entire server blocks by including this file +# include /etc/nginx/snippets/headersSecurity.conf; + add_header Feature-Policy "geolocation 'self'"; add_header Referrer-Policy "same-origin" always;