feat(Caddyfile): support security.txt redirection

Introduced handling for security.txt requests in the Caddyfile
configuration to redirect users to a dedicated security page. This
change enables visitors to easily find security policy and vulnerability
reporting information by redirecting requests for
`/.well-known/security.txt` and `/security.txt` to
`https://security.private.coffee/security.txt`. Implementing this
standard practice improves transparency and security posture by
facilitating clearer communication with security researchers and the
public.
This commit is contained in:
Kumi 2024-03-15 10:55:50 +01:00
parent 41ffe2a07f
commit 9c7283dffd
Signed by: kumi
GPG key ID: ECBCC9082395383F

View file

@ -14,6 +14,11 @@ private.coffee www.private.coffee {
path assets /assets/*
}
@security {
path security-well-known /.well-known/security.txt
path security /security.txt
}
handle @matrix {
header /.well-known/matrix/* Content-Type application/json
header /.well-known/matrix/* Access-Control-Allow-Origin *
@ -26,6 +31,10 @@ private.coffee www.private.coffee {
root * /srv/private.coffee
}
handle @security {
redir https://security.private.coffee/security.txt
}
handle {
reverse_proxy * unix//var/run/uwsgi/privatecoffee.sock
}