Drew DeVault
fd450d1e5d
robots.txt: add bytespider
2024-03-28 11:34:42 +01:00
Drew DeVault
bb1eb0985f
sourcehut.conf: update python
2024-03-20 13:11:32 +01:00
Drew DeVault
f4d1369b20
robots.txt: disallow barkrowler
2024-03-20 10:16:59 +01:00
Conrad Hoffmann
9bd0f27004
meta.sr.ht: include web.conf in /register
...
The web.conf include handles X-Real-Ip and X-Forwarded-For, which are
needed on this route for better spam detection.
2024-03-12 13:34:35 +01:00
Ludovic Chabant
47015e997a
Add https cloning config to hg.sr.ht
...
It was mentioned in man.sr.ht, before sr.ht-nginx existed.
2024-01-21 20:33:20 +01:00
Drew DeVault
2ac7ca050c
robots.txt: add more LLM scrapers
2023-12-09 22:39:04 +01:00
Simon Ser
553f91a177
pages.sr.ht: turn on HTTP/2
...
Turn on the PROXY protocol, and advertise HTTP/2 support via ALPN.
2023-10-24 13:54:14 +02:00
Drew DeVault
e6d37210a4
sourcehut.conf: block mastodon from all services
...
When Mastodon posts federate URLs throughout the network, every Mastodon
server it touches will fetch the URL to prepare a preview, consistently
causing a DDoS every time.
This has been a known issue for 6 years and they don't really give a
shit, so they get blocked.
https://github.com/mastodon/mastodon/issues/4486
https://github.com/mastodon/mastodon/issues/23662
2023-10-13 10:20:11 +02:00
Drew DeVault
9af0afe04a
*.conf: update CSP
2023-09-14 14:13:53 +02:00
Drew DeVault
782af7be55
Add new marketing bot
2023-09-01 15:20:03 +02:00
Drew DeVault
bd0f2946ef
robots.txt: exclude GPTBot
2023-08-08 10:49:37 +02:00
Drew DeVault
4c7445f678
robots.txt: add mbox & raw (for lists)
2023-05-11 09:55:43 +02:00
Drew DeVault
91e2a5d0fc
sourcehut.conf: bump python version
2023-03-22 10:18:47 +01:00
Simon Ser
266a8d738c
meta.sr.ht: passthrough OAuth 2.0 server metadata
...
port443.conf has an explicit rule for .well-known. Override it
for the OAuth 2.0 server metadata path.
2023-02-20 10:37:33 +01:00
Drew DeVault
195622c35f
robots.txt: turnitin changed their UA
2023-02-03 10:16:50 +01:00
Drew DeVault
c735f50368
hub.sr.ht: add GQL API
2022-11-02 11:57:04 +01:00
Drew DeVault
62a9753d33
man.sr.ht: correct API port
2022-11-02 11:01:12 +01:00
Drew DeVault
c1ca10d3e6
man.sr.ht: add GraphQL routes
2022-11-02 10:32:30 +01:00
Drew DeVault
a195e2fc77
robots.txt: add more git.sr.ht routes
...
Most crawlers end up crawling the entire history of a repository, which
is kind of pointless and expensive.
2022-05-25 16:43:19 +02:00
Drew DeVault
31237ce40d
robots.txt: add seekport crawler
2022-04-09 12:12:59 +02:00
Conrad Hoffmann
5300cf2efa
Include common headers from separate file
...
This commit brings back all headers previously defined in port443.conf.
The current setup has been missing them since the `add_header` directive
was added to the individual `location` blocks (for CSP). The nginx
manual states:
> These directives are inherited from the previous configuration level
> if and only if there are no add_header directives defined on the
> current level
http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header
None of the headers are important enough that they would have to be
added to all possible `location` blocks. Adding them to the root block
for each site will be sufficient.
2022-03-15 12:34:20 +01:00
Drew DeVault
305e2a56cf
robots.txt: disallow / for turnitinbot
2022-02-14 15:14:59 +01:00
Drew DeVault
915ba53af3
todo.sr.ht.conf: add unsafe-inline scripts to CSP
...
Necessary for GraphQL page
2022-02-01 09:35:00 +01:00
Drew DeVault
bfcbf15d5f
lists.sr.ht: add max_body_size
2021-12-21 23:52:34 +01:00
Noelle Leigh
e58e225e51
chat.sr.ht: add location directive for manifest
...
When visiting chat.sr.ht while signed in, this message is printed to the
browser console (Chrome):
> Refused to load manifest from
> 'https://meta.sr.ht/login?return_to=https://chat.sr.ht/manifest.webmanifest '
> because it violates the following Content Security Policy directive:
> "default-src 'self'". Note that 'manifest-src' was not explicitly set,
> so 'default-src' is used as a fallback.
Adding a separate location for /manifest.webmanifest will allow the
browser to load the manifest without having to include credentials
(which is the case by default).
2021-12-13 12:59:06 +01:00
Drew DeVault
e15aaf9763
hub.sr.ht: redirect hub.sr.ht -> sr.ht
...
Fixes: https://todo.sr.ht/~sircmpwn/hub.sr.ht/78
2021-12-06 09:43:01 +01:00
Drew DeVault
834ed1fb23
chat.sr.ht: update CSP
2021-11-29 14:50:57 +01:00
Drew DeVault
7bb13cb0e6
README.md: fix typo
2021-11-28 11:33:17 +01:00
Drew DeVault
99a7dda1e0
Unblock TTRSS
...
This doesn't work with nginx for some reason despite being exactly in
accordance with the official docs on conditional statements. Hooray!
This reverts commit 54a9c41f67
.
2021-11-25 10:43:28 +01:00
Drew DeVault
a7824a82a2
robots.txt: disallow git logs
...
This is an expensive route due to inefficiencies in pygit2's log
implementation. We might be able to turn this back on in the future.
2021-11-25 10:38:10 +01:00
Drew DeVault
54a9c41f67
git.sr.ht: block TTRSS
...
They keep requesting data URIs.
2021-11-25 10:32:58 +01:00
Drew DeVault
fa6ad0e02e
robots.txt: add AmazonBot
2021-11-25 10:22:42 +01:00
Simon Ser
a256c80630
chat.sr.ht.conf: add prometheus metrics endpoint
2021-11-18 08:59:49 +01:00
Drew DeVault
c0d79e6618
hg.sr.ht.conf: remove unused authorize route
2021-11-16 21:48:25 +01:00
Drew DeVault
c06fbfbad1
hg.sr.ht.conf: fix /authorize port
2021-10-27 10:35:26 +02:00
Drew DeVault
bbd0d30cd7
robots.txt: disallow new SEO bot
2021-10-27 10:21:59 +02:00
Drew DeVault
529ae6e539
hg.sr.ht.conf: update CSP for GQL sandbox
2021-10-27 10:17:52 +02:00
Simon Ser
1844d6be9c
Add config for chat.sr.ht
2021-10-14 10:01:58 +02:00
Drew DeVault
3e6d445c26
paste.sr.ht: add GraphQL configuration
2021-09-22 08:19:48 +02:00
Drew DeVault
5650499a82
hub.sr.ht: add second server_name
2021-09-05 10:57:23 +02:00
Drew DeVault
3ab3fac0b0
meta.sr.ht: re-introduce spam config
2021-09-04 11:05:47 +02:00
Drew DeVault
081fce4019
all: remove variables in server_name
...
This doesn't actually work, it just pretends to work. Fuck you nginx
2021-08-31 08:25:08 +02:00
Drew DeVault
cb3972376c
all: add correct CSP headers
2021-08-30 10:53:05 +02:00
Drew DeVault
dcfe4221f8
web, graphql: set X-Forwarded-For properly
2021-08-30 10:36:23 +02:00
Drew DeVault
f75b6ca38f
fuckings to nginx
...
Every variable is unwrapped at runtime and only accounted for in some
commands, which does not include ssl_certificate. Anyone who complains
about this is made fun of. Assholes.
2021-08-30 10:02:35 +02:00
Drew DeVault
7cd01f56a8
X-Real-IP: minor fixes
2021-08-30 09:38:02 +02:00
Drew DeVault
2cd31be8da
all: move domains.conf => sourcehut.conf
2021-08-30 09:29:53 +02:00
Drew DeVault
d1599dd5e0
all: refactor common config options into includes
2021-08-30 09:22:32 +02:00
Drew DeVault
30afc8ce5b
pages.sr.ht: update configuration
2021-08-05 09:35:51 +02:00
Drew DeVault
7151e98dba
all: update python paths
2021-08-05 09:35:39 +02:00