# more info: https://caddyserver.com/docs/caddyfile/patterns#single-page-apps-spas cinny.domain.tld { root * /path/to/cinny/dist try_files {path} /index.html file_server # Security headers (generic; add a Content-Security-Policy suited to your # homeserver + any embedded services). Caddy serves HTTPS automatically, so # HSTS is delivered over TLS. header { X-Frame-Options SAMEORIGIN X-Content-Type-Options nosniff Referrer-Policy strict-origin-when-cross-origin Strict-Transport-Security "max-age=63072000; includeSubDomains" Permissions-Policy "accelerometer=(), autoplay=(self), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), payment=(), usb=()" } }