doh 659 B

12345678910111213141516171819202122232425
  1. server {
  2. listen 443 ssl http2;
  3. listen [::]:443 ssl http2;
  4. server_name SERVER_NAME;
  5. server_tokens off;
  6. ssl_protocols TLSv1.3;
  7. # HTTP Security Headers
  8. add_header X-Frame-Options DENY;
  9. add_header X-Content-Type-Options nosniff;
  10. add_header X-XSS-Protection "1; mode=block";
  11. add_header Strict-Transport-Security "max-age=63072000";
  12. ssl_certificate /go/to/ket/;
  13. ssl_certificate_key /go/to/ket/;
  14. gzip off;
  15. add_header Last-Modified $date_gmt;
  16. etag off;
  17. location /dns-query {
  18. proxy_pass http://localhost:8053/dns-query;
  19. proxy_set_header Host $host;
  20. proxy_set_header X-Real-IP $remote_addr;
  21. }
  22. }