diff --git a/.editorconfig b/.editorconfig index b189fe4c..7b52d32c 100644 --- a/.editorconfig +++ b/.editorconfig @@ -22,6 +22,11 @@ max_line_length = 78 # Opinionated affecting only display, better to not set #tab_width = +# https://github.com/jxddk/prettier-plugin-nginx/issues/8 +[*.nginx] +insert_final_newline = unset +indent_style = unset + # *nix, just in case [*.{bash,sh}] # .gitattributes ! diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index fc2ba1fd..f50e6c08 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -33,6 +33,7 @@ repos: # types to add. exclude_types: [svg, tsv] - id: end-of-file-fixer + exclude: ^etc\/nginx\/.*$ - id: check-yaml - id: check-added-large-files # These are not from `pre-commit sample-config` diff --git a/conf/i3status-rs/config.toml b/conf/i3status-rs/config.toml index d98802f4..8824cdb3 100644 --- a/conf/i3status-rs/config.toml +++ b/conf/i3status-rs/config.toml @@ -5,7 +5,7 @@ # software. # WIP: migration from i3status - # contains: (disk /, disk/home,) load, ipv6, wireless, ethernet, battery, volume, (utc) time, (local time) +# contains: (disk /, disk/home,) load, ipv6, wireless, ethernet, battery, volume, (utc) time, (local time) [theme] name = "solarized-dark" diff --git a/etc/dnscrypt-proxy/dnscrypt-proxy.toml b/etc/dnscrypt-proxy/dnscrypt-proxy.toml index 84df0c9f..b0da7745 100644 --- a/etc/dnscrypt-proxy/dnscrypt-proxy.toml +++ b/etc/dnscrypt-proxy/dnscrypt-proxy.toml @@ -75,20 +75,28 @@ lb_strategy = 'p2' # file = '/var/log/dnscrypt-proxy/nx.log' [sources] - [sources.'public-resolvers'] - #url = 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md' - urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md', 'https://cdn.staticaly.com/gh/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://evilvibes.com/list/public-resolvers.md'] - cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md' - minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' - refresh_delay = 72 - prefix = 'public-' +[sources.'public-resolvers'] +#url = 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md' +urls = [ + 'https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', + 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md', + 'https://cdn.staticaly.com/gh/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', + 'https://evilvibes.com/list/public-resolvers.md', +] +cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md' +minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' +refresh_delay = 72 +prefix = 'public-' [sources.'opennic'] - urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/opennic.md', 'https://download.dnscrypt.info/resolvers-list/v2/opennic.md'] - minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' - refresh_delay = 72 - cache_file = '/var/cache/dnscrypt-proxy/opennic.md' - prefix = 'opennic-' +urls = [ + 'https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/opennic.md', + 'https://download.dnscrypt.info/resolvers-list/v2/opennic.md', +] +minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' +refresh_delay = 72 +cache_file = '/var/cache/dnscrypt-proxy/opennic.md' +prefix = 'opennic-' # 2.0.23 recommended so onions won't be attempted without proxy enabled # (5c9edfccfe67474bee2836ada67f955f10e43357) diff --git a/etc/nginx/conf.d/bitbot.conf.nginx b/etc/nginx/conf.d/bitbot.conf.nginx index 47792a01..366f166d 100644 --- a/etc/nginx/conf.d/bitbot.conf.nginx +++ b/etc/nginx/conf.d/bitbot.conf.nginx @@ -13,4 +13,4 @@ server { location / { proxy_pass http://[::1]:9050; } -} +} \ No newline at end of file diff --git a/etc/nginx/conf.d/default.conf.nginx b/etc/nginx/conf.d/default.conf.nginx index 3ff84e9f..7973bbc4 100644 --- a/etc/nginx/conf.d/default.conf.nginx +++ b/etc/nginx/conf.d/default.conf.nginx @@ -47,4 +47,4 @@ server { #location ~ /\.ht { # deny all; #} -} +} \ No newline at end of file diff --git a/etc/nginx/sites-enabled/old/host.nginx b/etc/nginx/sites-enabled/old/host.nginx index 6ffc7ea2..73148cc4 100644 --- a/etc/nginx/sites-enabled/old/host.nginx +++ b/etc/nginx/sites-enabled/old/host.nginx @@ -27,10 +27,10 @@ server { ssl_prefer_server_ciphers on; # Enable this if your want HSTS (recommended) add_header Strict-Transport-Security - "max-age=15552000; includeSubdomains; preload"; + "max-age=15552000; includeSubdomains; preload"; add_header X-Frame-Options SAMEORIGIN; add_header Content-Security-Policy - upgrade-insecure-requests; + upgrade-insecure-requests; add_header X-Xss-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; # OCSP Stapling --- @@ -84,4 +84,4 @@ server { location ~ /\.ht { deny all; } -} +} \ No newline at end of file diff --git a/etc/nginx/sites-enabled/rproxy.nginx b/etc/nginx/sites-enabled/rproxy.nginx index 6802dfe1..322946f8 100644 --- a/etc/nginx/sites-enabled/rproxy.nginx +++ b/etc/nginx/sites-enabled/rproxy.nginx @@ -5,7 +5,7 @@ server { listen [::]:443; # Enable this if your want HSTS (recommended) add_header Strict-Transport-Security - "max-age=15552000; includeSubdomains; preload"; + "max-age=15552000; includeSubdomains; preload"; add_header X-Frame-Options SAMEORIGIN; add_header Content-Security-Policy upgrade-insecure-requests; add_header X-Xss-Protection "1; mode=block" always; @@ -17,4 +17,4 @@ server { location / { proxy_pass http://localhost:8080; } -} +} \ No newline at end of file diff --git a/etc/nginx/sites-enabled/vhost.nginx b/etc/nginx/sites-enabled/vhost.nginx index 66cbc488..5b8ab4d0 100644 --- a/etc/nginx/sites-enabled/vhost.nginx +++ b/etc/nginx/sites-enabled/vhost.nginx @@ -6,7 +6,7 @@ server { listen [::]:443; # Enable this if your want HSTS (recommended) add_header Strict-Transport-Security - "max-age=15552000; includeSubdomains; preload"; + "max-age=15552000; includeSubdomains; preload"; add_header X-Frame-Options SAMEORIGIN; add_header Content-Security-Policy upgrade-insecure-requests; add_header X-Xss-Protection "1; mode=block" always; @@ -57,4 +57,4 @@ server { location ~ /\.ht { deny all; } -} +} \ No newline at end of file