Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- http:
- middlewares:
- middlewares-rate-limit:
- rateLimit:
- average: 100
- burst: 50
- middlewares-secure-headers:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - PUT
- accessControlMaxAge: 100
- hostsProxyHeaders:
- - "X-Forwarded-Host"
- sslRedirect: true
- stsSeconds: 63072000
- stsIncludeSubdomains: true
- stsPreload: true
- forceSTSHeader: true
- # frameDeny: true #overwritten by customFrameOptionsValue
- customFrameOptionsValue: "allow-from https:yourdomaingoeshere.com" #CSP takes care of this but may be needed for organizr.
- contentTypeNosniff: true
- browserXssFilter: true
- # sslForceHost: true # add sslHost to all of the services
- # sslHost: "example.com"
- referrerPolicy: "same-origin"
- # Setting contentSecurityPolicy is more secure but it can break things. Proper auth will reduce the risk.
- # the below line also breaks some apps due to 'none' - sonarr, radarr, etc.
- # contentSecurityPolicy: "frame-ancestors '*.example.com:*';object-src 'none';script-src 'none';"
- featurePolicy: "camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';"
- customResponseHeaders:
- X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex,"
- server: ""
- middlewares-authelia:
- forwardAuth:
- address: "http://authelia:9091/api/verify?rd=https://authelia.yourdomaingoeshere.com"
- trustForwardHeader: true
- authResponseHeaders:
- - "Remote-User"
- - "Remote-Groups"
Add Comment
Please, Sign In to add comment