diff --git a/tasks/main.yml b/tasks/main.yml index 7f3586e..9c639eb 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -9,6 +9,7 @@ dest: /opt/{{ docker_grav_service_id }}/ with_items: - docker-compose.yml + - robots-sitemap.txt notify: docker-compose-up diff --git a/templates/1_vhost_additional.conf b/templates/1_vhost_additional.conf index bff0b32..6e28790 100644 --- a/templates/1_vhost_additional.conf +++ b/templates/1_vhost_additional.conf @@ -1,7 +1,5 @@ # {{ ansible_managed }} -Header set Content-Security-Policy "default-src 'self'; img-src 'self'; style-src 'self'; script-src 'self'; object-src 'none'" - ProxyErrorOverride off RequestHeader unset Authorization diff --git a/templates/2_mds_exclusion.conf b/templates/2_mds_exclusion.conf index e2bb153..5fe2b7d 100644 --- a/templates/2_mds_exclusion.conf +++ b/templates/2_mds_exclusion.conf @@ -1 +1,6 @@ # {{ ansible_managed }} + + SecRuleRemoveById 933210 + SecRuleRemoveById 949110 + + diff --git a/templates/docker-compose.yml b/templates/docker-compose.yml index 11af423..a5b4e1f 100644 --- a/templates/docker-compose.yml +++ b/templates/docker-compose.yml @@ -10,6 +10,7 @@ services: - PGID=1000 - TZ=Europe/Paris volumes: + - ./robots-sitemap.txt:/app/grav-admin/robots.txt - /data1/{{ docker_grav_service_id }}/config:/config restart: always labels: diff --git a/templates/robots-sitemap.txt b/templates/robots-sitemap.txt new file mode 100644 index 0000000..fe5ff58 --- /dev/null +++ b/templates/robots-sitemap.txt @@ -0,0 +1,17 @@ +Sitemap: https://{{ docker_grav_fqdn[0] }}/sitemap +User-agent: * +Disallow: /backup/ +Disallow: /bin/ +Disallow: /cache/ +Disallow: /grav/ +Disallow: /logs/ +Disallow: /system/ +Disallow: /vendor/ +Disallow: /user/ +Allow: /user/pages/ +Allow: /user/themes/ +Allow: /user/images/ +Allow: / +Allow: *.css$ +Allow: *.js$ +Allow: /system/*.js$