Set the Vim file type.

Prettier editing.

conf.d/default.conf

+# vim: ft=nginx
 server {
     listen      80 default_server;
     listen      [::]:80 default_server;

conf.d/global.conf

+# vim: ft=nginx
 # The resolver for the Docker network.
 resolver                        127.0.0.11 valid=30s;
 gzip                            on;

conf.d/status.conf

+# vim: ft=nginx
 server {
     listen      80;
     listen      [::]:80;

snippets/ads-txt.conf

+# vim: ft=nginx
 location = /ads.txt {
     if ($scheme = http) {
         return 301 https://$host$request_uri;

snippets/allow-ns1.conf

+# vim: ft=nginx
 allow   62.219.131.121;  # ns1.shore.co.il

snippets/allow-ns4.conf

+# vim: ft=nginx
 allow   163.172.74.36;  # ns4.shore.co.il

snippets/allow-private-ips.conf

+# vim: ft=nginx
 allow 127.0.0.0/8;
 allow 10.0.0.0/8;
 allow 192.168.0.0/16;

snippets/allow-shore-ips.conf

+# vim: ft=nginx
 include snippets/allow-ns1.conf;
 include snippets/allow-ns4.conf;
 include snippets/allow-private-ips.conf;

snippets/common-headers.conf

+# vim: ft=nginx
 # add_headers are inherited from previous level if and only if there are no
 # add_header directives defined on the current level. So any time there's an
 # add_header directive there should be an `include snippets/common-headers.conf`

snippets/ldap-auth.conf

+# vim: ft=nginx
 auth_request    /validate;
 
 location = /validate {

snippets/matrix-well-known.conf

+# vim: ft=nginx
 location = /.well-known/matrix/server {
     return 200 "{\"m.server\": \"matrix.shore.co.il:443\"}";
 }

snippets/proxy-headers.conf

+# vim: ft=nginx
 proxy_set_header    X-Forwarded-Host $host;
 proxy_set_header    X-Forwarded-Proto $scheme;
 proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;

snippets/proxy-ssl.conf

+# vim: ft=nginx
 proxy_ssl_verify                  on;
 proxy_ssl_verify_depth            3;
 proxy_ssl_server_name             on;

snippets/redirect-https.conf

+# vim: ft=nginx
 location    / { return 301 https://$host$request_uri; }

snippets/redirect-www.conf

+# vim: ft=nginx
 location    / { return 301 https://www.$host$request_uri; }

snippets/robots-allow-all.conf

+# vim: ft=nginx
 location = /robots.txt {
     add_header Content-Type "text/plain; charset=utf-8";
     return 200 "User-agent: *\nDisallow:\n";

snippets/robots-disallow-all.conf

+# vim: ft=nginx
 location = /robots.txt {
     add_header Content-Type "text/plain; charset=utf-8";
     return 200 "User-agent: *\nDisallow: *\n";

snippets/security-txt.conf

+# vim: ft=nginx
 location = /.well-known/security.txt {
     if ($scheme = http) {
         return 301 https://$host$request_uri;

snippets/ssl-common.conf

+# vim: ft=nginx
 add_header                  Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
 add_header                  Expect-CT "max-age=86400, enforce, report-uri=\"https://www.shore.co.il/about\"";
 include                     snippets/common-headers.conf;

snippets/ssl-legacy.conf

+# vim: ft=nginx
 include                     snippets/ssl-common.conf;
 ssl_protocols               TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
 ssl_ciphers                 !AESCCM:!kRSA:!3DES:!RC4:!DES:!MD5:!aNULL:!NULL:AESGCM+ECDH:ECDH+CHACHA20:AES256+ECDH:AES128:CHACHA20:+SHA1;