From a4bd5a868ffe874000635e6b9c20f07e37a0e46f Mon Sep 17 00:00:00 2001
From: lornk <uniac@web.de>
Date: Tue, 22 Jul 2025 21:07:30 +0200
Subject: [PATCH] =?UTF-8?q?config/dynamic/dynamic=5Fconf.yml=20hinzugef?=
 =?UTF-8?q?=C3=BCgt?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 config/dynamic/dynamic_conf.yml | 34 +++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 config/dynamic/dynamic_conf.yml

diff --git a/config/dynamic/dynamic_conf.yml b/config/dynamic/dynamic_conf.yml
new file mode 100644
index 0000000..a9bd06e
--- /dev/null
+++ b/config/dynamic/dynamic_conf.yml
@@ -0,0 +1,34 @@
+tls:
+  options:
+    default:
+      minVersion: VersionTLS12
+      cipherSuites:
+        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
+        - TLS_AES_128_GCM_SHA256
+        - TLS_AES_256_GCM_SHA384
+        - TLS_CHACHA20_POLY1305_SHA256
+      curvePreferences:
+        - CurveP521
+        - CurveP384
+      sniStrict: true
+
+http:
+  middlewares:
+    https-redirect:
+      redirectScheme:
+        scheme: https
+
+    secure-headers:
+      headers:
+        browserXssFilter: true
+        contentTypeNosniff: true
+        frameDeny: true
+        sslRedirect: true
+        #HSTS Configuration
+        stsIncludeSubdomains: true
+        stsPreload: true
+        stsSeconds: 15768000
+serversTransport:
+  insecureSkipVerify: true
\ No newline at end of file