@ -1,11 +1,64 @@
include mime.types
types {
text/markdown md;
}
map $http_accept $file_suffix {
default "html";
~*pdf "pdf";
~*md "md";
~*markdown "md";
~*html "html";
~*gemini "gmi";
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
add_header X-Content-Type-Options "nosniff" always;
add_header Content-Security-Policy "default-src 'none'; img-src 'self'; style-src 'self' https://commento.jonathanh.co.uk; script-src https://commento.jonathanh.co.uk; connect-src ws://commento.jonathanh.co.uk https://commento.jonathanh.co.uk;" always;
add_header Referrer-Policy "no-referrer" always;
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), serial=(), sync-script=(), trust-token-redemption=(), vertical-scroll=(), interest-cohort=()" always;
add_header x-card "curl -L jn.hn/card" always;
server_tokens off;
location / {
# Result of change from .html to /
rewrite ^/tag/zsh.html$ /tag/zsh/ permanent;
rewrite ^/tag/fzf.html$ /tag/fzf/ permanent;
rewrite ^/tag/mutt.html$ /tag/mutt/ permanent;
rewrite ^/tag/security.html$ /tag/security/ permanent;
rewrite ^/tag/firefox.html$ /tag/firefox/ permanent;
rewrite ^/tag/security_advice.html$ /tag/security/ permanent;
rewrite ^/tag/linux.html$ /tag/linux/ permanent;
rewrite ^/tag/websites.html$ /tag/websites/ permanent;
rewrite ^/tag/pentesting.html$ /tag/pentesting/ permanent;
rewrite ^/tag/vim.html$ /tag/vim/ permanent;
rewrite ^/tag/home_assistant.html$ /tag/home_assistant/ permanent;
rewrite ^/blog/freelance-business-security.html$ /blog/freelance-business-security/ permanent;
rewrite ^/blog/wordpress-username-enumeration.html$ /blog/wordpress-username-enumeration/ permanent;
rewrite ^/blog/mutt-setup.html$ /blog/mutt-setup/ permanent;
rewrite ^/blog/building-a-zsh-prompt.html$ /blog/building-a-zsh-prompt/ permanent;
rewrite ^/blog/exchange-mutt.html$ /blog/exchange-mutt/ permanent;
rewrite ^/blog/fuzzy-search-hashcat-modes.html$ /blog/fuzzy-search-hashcat-modes/ permanent;
rewrite ^/blog/tools-that-make-my-life-easier.html$ /blog/tools-that-make-my-life-easier/ permanent;
rewrite ^/blog/outlook-mutt.html$ /blog/outlook-mutt/ permanent;
rewrite ^/blog/upgrading-reverse-shells.html$ /blog/upgrading-reverse-shells/ permanent;
rewrite ^/blog/current-word-completion.html$ /blog/current-word-completion/ permanent;
rewrite ^/blog/keyboard-driven-firefox.html$ /blog/keyboard-driven-firefox/ permanent;
rewrite ^/blog/why-i-made-the-switch-to-zsh.html$ /blog/why-i-made-the-switch-to-zsh/ permanent;
rewrite ^/blog/starting-out-with-homeassistant.html$ /blog/starting-out-with-homeassistant/ permanent;
rewrite ^/blog/the-switch-to-zsh.html$ /blog/the-switch-to-zsh/ permanent;
rewrite ^/blog/xss-through-referer-header.html$ /blog/xss-through-referer-header/ permanent;
rewrite ^/blog/my-setup-jan-2021.html$ /blog/my-setup-jan-2021/ permanent;
rewrite ^/blog/writing-prose-in-vim.html$ /blog/writing-prose-in-vim/ permanent;
rewrite ^/tag/security_advice/?$ /tag/security/ permanent;
root /usr/share/nginx/html;
index index.html index.htm;
}