52 lines
1.5 KiB
Caddyfile
52 lines
1.5 KiB
Caddyfile
:8080 {
|
|
# Serve from dist directory
|
|
root * dist
|
|
file_server
|
|
|
|
# Enable Gzip compression (Brotli requires custom Caddy build)
|
|
encode gzip
|
|
|
|
# Cache static assets aggressively
|
|
@static {
|
|
path *.wasm *.js *.css *.png *.jpg *.jpeg *.gif *.svg *.ico *.woff *.woff2
|
|
}
|
|
header @static Cache-Control "public, max-age=31536000, immutable"
|
|
|
|
# Cache HTML with shorter duration
|
|
@html {
|
|
path *.html /
|
|
}
|
|
header @html Cache-Control "public, max-age=3600"
|
|
|
|
# Security headers
|
|
header {
|
|
# Enable HTTPS redirect in production
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
|
|
# Prevent XSS attacks
|
|
X-Content-Type-Options "nosniff"
|
|
X-Frame-Options "DENY"
|
|
X-XSS-Protection "1; mode=block"
|
|
|
|
# Content Security Policy for WASM
|
|
Content-Security-Policy "default-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; font-src 'self' https://cdn.jsdelivr.net; connect-src *; img-src 'self' data: https:;"
|
|
|
|
# Referrer policy
|
|
Referrer-Policy "strict-origin-when-cross-origin"
|
|
}
|
|
|
|
# WASM MIME type
|
|
@wasm {
|
|
path *.wasm
|
|
}
|
|
header @wasm Content-Type "application/wasm"
|
|
|
|
# Handle SPA routing - serve index.html for non-file requests
|
|
try_files {path} /index.html
|
|
|
|
# Logging
|
|
log {
|
|
output stdout
|
|
format console
|
|
}
|
|
} |