nebula/README.md

# nebula

Where stars are born.

Manages the local infrastructure of my home server.

# modules

1. docker: to actually run the services
2. cloudflare: to manage the DNS
3. mysql: unused, but setup

Self-learning project for terraform

# Planned

1. Setup DigitalOcean
2. Add DO infrastructure via ansible
3. Add traefik for proper proxying

# Security Headers note

The following security headers are applied using traefik on all traefik frontend docker backends:

- HSTS: 2592000 seconds (1 week)
- Redirect HTTP->HTTPS
- contentTypeNosniff: true
- browserXSSFilter: true
- XFO: Allow-From muximux
- referrerPolicy: no-referrer
- X-Powered-By: Allomancy
- X-Server: BlackBox
- X-Clacks-Overhead "GNU Terry Pratchett"
Updates README 2017-11-04 13:53:43 +00:00			`# nebula`

			`Where stars are born.`

			`Manages the local infrastructure of my home server.`

			`# modules`

			`1. docker: to actually run the services`
			`2. cloudflare: to manage the DNS`
Airsonic 2017-11-18 11:40:02 +00:00			`3. mysql: unused, but setup`
Updates README 2017-11-04 13:53:43 +00:00
update docs 2017-11-04 14:30:42 +00:00			`Self-learning project for terraform`

			`# Planned`

			`1. Setup DigitalOcean`
			`2. Add DO infrastructure via ansible`
Security specific stuff 2017-11-29 20:14:05 +00:00			`3. Add traefik for proper proxying`

			`# Security Headers note`

			`The following security headers are applied using traefik on all traefik frontend docker backends:`

			`- HSTS: 2592000 seconds (1 week)`
			`- Redirect HTTP->HTTPS`
			`- contentTypeNosniff: true`
			`- browserXSSFilter: true`
			`- XFO: Allow-From muximux`
			`- referrerPolicy: no-referrer`
			`- X-Powered-By: Allomancy`
			`- X-Server: BlackBox`
			`- X-Clacks-Overhead "GNU Terry Pratchett"`