# more info: https://caddyserver.com/docs/caddyfile/patterns#single-page-apps-spas
cinny.domain.tld {
  root * /path/to/cinny/dist
  try_files {path} /index.html
  file_server

  # Security headers (generic; add a Content-Security-Policy suited to your
  # homeserver + any embedded services). Caddy serves HTTPS automatically, so
  # HSTS is delivered over TLS.
  header {
    X-Frame-Options SAMEORIGIN
    X-Content-Type-Options nosniff
    Referrer-Policy strict-origin-when-cross-origin
    Strict-Transport-Security "max-age=63072000; includeSubDomains"
    Permissions-Policy "accelerometer=(), autoplay=(self), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), payment=(), usb=()"
  }
}
