Nginx: Set the file type in Vim.

nginx/conf.d/default.conf

+# vim: ft=nginx
 server {
     listen      80 default_server;
     listen      [::]:80 default_server;

nginx/conf.d/global.conf

+# vim: ft=nginx
 # The resolver for the Docker network.
 resolver                        127.0.0.11 valid=30s;
 gzip                            on;

nginx/conf.d/status.conf

+# vim: ft=nginx
 server {
     listen      80;
     listen      [::]:80;

nginx/snippets/ads-txt.conf

+# vim: ft=nginx
 location = /ads.txt {
     if ($scheme = http) {
         return 301 https://$host$request_uri;

nginx/snippets/allow-ns1.conf

+# vim: ft=nginx
 allow   62.219.131.121;  # ns1.shore.co.il

nginx/snippets/allow-ns4.conf

+# vim: ft=nginx
 allow   163.172.74.36;  # ns4.shore.co.il

nginx/snippets/allow-private-ips.conf

+# vim: ft=nginx
 allow 127.0.0.0/8;
 allow 10.0.0.0/8;
 allow 192.168.0.0/16;

nginx/snippets/allow-shore-ips.conf

+# vim: ft=nginx
 include snippets/allow-ns1.conf;
 include snippets/allow-ns4.conf;
 include snippets/allow-private-ips.conf;

nginx/snippets/common-headers.conf

+# vim: ft=nginx
 # add_headers are inherited from previous level if and only if there are no
 # add_header directives defined on the current level. So any time there's an
 # add_header directive there should be an `include snippets/common-headers.conf`

nginx/snippets/ldap-auth.conf

+# vim: ft=nginx
 auth_request    /validate;
 
 location = /validate {

nginx/snippets/proxy-headers.conf

+# vim: ft=nginx
 proxy_set_header    X-Forwarded-Host $host;
 proxy_set_header    X-Forwarded-Proto $scheme;
 proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;

nginx/snippets/proxy-ssl.conf

+# vim: ft=nginx
 proxy_ssl_verify                  on;
 proxy_ssl_verify_depth            3;
 proxy_ssl_name                    auth.shore.co.il;

nginx/snippets/redirect-https.conf

+# vim: ft=nginx
 location    / { return 301 https://$host$request_uri; }

nginx/snippets/redirect-www.conf

+# vim: ft=nginx
 location    / { return 301 https://www.$host$request_uri; }

nginx/snippets/robots-allow-all.conf

+# vim: ft=nginx
 location = /robots.txt {
     add_header Content-Type "text/plain; charset=utf-8";
     return 200 "User-agent: *\nDisallow:\n";

nginx/snippets/robots-disallow-all.conf

+# vim: ft=nginx
 location = /robots.txt {
     add_header Content-Type "text/plain; charset=utf-8";
     return 200 "User-agent: *\nDisallow: *\n";

nginx/snippets/security-txt.conf

+# vim: ft=nginx
 location = /.well-known/security.txt {
     if ($scheme = http) {
         return 301 https://$host$request_uri;

nginx/snippets/ssl.conf

+# vim: ft=nginx
 add_header                  Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
 add_header                  Expect-CT "max-age=86400, enforce, report-uri=\"https://www.shore.co.il/about\"";
 include                     snippets/common-headers.conf;

nginx/snippets/upgrade-secure.conf

+# vim: ft=nginx
 if ($http_Upgrade-Insecure-Requests = 1) { return 301 https://$host$request_uri; }

nginx/snippets/vouch.conf

+# vim: ft=nginx
 # send all requests to the `/validate` endpoint for authorization
 auth_request    /validate;