[build] command = "yarn build" publish = "public" functions = ".netlify/functions" [build.environment] NODE_VERSION = "14" YARN_VERSION = "1.22.10" YARN_FLAGS = "--no-ignore-optional --frozen-lockfile" PYTHON_VERSION = "3.7" # Ensure *only* Pretty URLs are enabled, even though this is already set up in # the Netlify dashboard. [build.processing] skip_processing = false [build.processing.css] bundle = false minify = false [build.processing.js] bundle = false minify = false [build.processing.html] pretty_urls = true [build.processing.images] compress = false [context.deploy-preview] command = "yarn build:functions && yarn build:hugo --environment development --baseURL $DEPLOY_PRIME_URL --buildDrafts --buildFuture" [context.branch-deploy] command = "yarn build:functions && yarn build:hugo --environment development --baseURL $DEPLOY_PRIME_URL --buildDrafts --buildFuture" # https://github.com/netlify/cli/blob/master/docs/netlify-dev.md#netlifytoml-dev-block [dev] framework = "#custom" # only start Hugo, `netlify dev` builds/serves functions itself command = "yarn start:hugo --port=1338 --baseURL=/ --appendPort=false --disableLiveReload" # swap ports to keep consistent w/ normal local server targetPort = 1338 port = 1337 # don't launch browser automatically autoLaunch = false # Enable local Netlify build plugins: [[plugins]] package = "@netlify/plugin-local-install-core" # Optimize AMP pages server-side: # https://github.com/ampproject/amp-toolbox/tree/master/packages/optimizer # https://github.com/martinbean/netlify-plugin-amp-server-side-rendering [[plugins]] package = "./plugins/netlify-plugin-amp-optimizer" # Cache resoures between builds: # https://github.com/jakejarvis/netlify-plugin-cache [[plugins]] package = "./plugins/netlify-plugin-cache" [plugins.inputs] paths = ["public", "builds", "_vendor"] # List cached resources for debugging: # [[plugins]] # package = "netlify-plugin-debug-cache" # The most important headers and redirects are specified in the _headers and # _redirects files generated by Hugo. These are additional custom rules, mostly # unrelated to the actual website. # Global security headers: [[headers]] for = "/*" [headers.values] # https://amp.dev/documentation/guides-and-tutorials/optimize-and-measure/secure-pages/ Content-Security-Policy = ''' default-src 'self'; base-uri 'none'; connect-src 'self' *.ampproject.net csp-collector.appspot.com/csp/amp api.github.com platform.twitter.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; form-action 'none'; frame-ancestors 'self'; frame-src 'self' jakejarvis.github.io *.ampproject.net cdn.ampproject.org app.usefathom.com buttons.github.io codepen.io cdpn.io platform.twitter.com player.vimeo.com www.youtube-nocookie.com; img-src 'self' data: https:; manifest-src 'self'; media-src 'self' data: https:; object-src 'none'; script-src 'self' cdn.ampproject.org/lts/v0.js cdn.ampproject.org/lts/v0/ cdn.ampproject.org/viewer/ cdn.ampproject.org/rtv/ 3p.ampproject.net buttons.github.io gist.github.com syndication.twitter.com platform.twitter.com player.vimeo.com 'sha256-1j1MKfE70TTCp5KmiC2YImxw2RMS52uCH5yXl1heG9U=' 'sha256-y3Xr/40/KQnUvqk/kZO5us6t3i/I49BsbYjsH8ELhVg=' 'sha256-JGG0npUp+0ABq/NY1azjpQ0WBtm+m5gU58mzF+2DCXY='; style-src 'self' 'unsafe-inline' cdn.ampproject.org/rtv/ fonts.googleapis.com assets-cdn.github.com github.githubassets.com; worker-src 'self'; block-all-mixed-content; report-uri https://jarv.is/api/csp_wizard; report-to default''' NEL = ''' {"report_to":"default","max_age":604800}''' Report-To = ''' {"group":"default","max_age":604800,"endpoints":[{"url":"https://jarv.is/api/report"}],"include_subdomains":false}''' # More generic security headers: Feature-Policy = "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'" Permissions-Policy = "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()" Referrer-Policy = "no-referrer-when-downgrade" X-Content-Type-Options = "nosniff" X-Frame-Options = "SAMEORIGIN" X-XSS-Protection = "1; mode=block" X-Got-Milk = "2%" X-View-Source = "https://github.com/jakejarvis/jarv.is" # PGP key: open in browser, download correctly [[headers]] for = "/pubkey.asc" [headers.values] Cache-Control = "no-cache" Content-Type = "text/plain; charset=UTF-8" Content-Disposition = "inline; filename=\"pubkey.asc\"" # Redirect Netlify and www subdomains to primary domain: [[redirects]] from = "https://jakejarvis.netlify.com/*" to = "https://jarv.is/:splat" status = 301 force = true [[redirects]] from = "https://jakejarvis.netlify.app/*" to = "https://jarv.is/:splat" status = 301 force = true [[redirects]] from = "https://www.jarv.is/*" to = "https://jarv.is/:splat" status = 301 force = true # External API redirects/mirrors: # Must set `force = true` and wildcard /api/* rule goes last. ## Report URI endpoints [[redirects]] from = "/api/report" to = "https://jarvis.report-uri.com/a/d/g" status = 200 force = true [[redirects]] from = "/api/csp_wizard" to = "https://jarvis.report-uri.com/r/d/csp/enforce" status = 200 force = true ## Fathom Analytics endpoint [[redirects]] from = "/api/count_view*" to = "https://starman.fathomdns.com/:splat" status = 200 force = true ## Webmention.io endpoints [[redirects]] from = "/api/mention" to = "https://webmention.io/jarv.is/webmention" status = 200 force = true [[redirects]] from = "/api/ping" to = "https://webmention.io/jarv.is/xmlrpc" status = 200 force = true ## Prettier URLs for Netlify Functions [[redirects]] from = "/api/*" to = "/.netlify/functions/:splat" status = 200 # More miscellaneous mirrors/redirects: [[redirects]] from = "/blog/*" to = "/notes/" status = 301 [[redirects]] from = "/archives/*" to = "/notes/" status = 301 [[redirects]] from = "/resume" to = "/resume.pdf" status = 302 # Fix some 404s after moving files around somewhat recklessly: [[redirects]] from = "/keybase.txt" to = "/.well-known/keybase.txt" status = 301 [[redirects]] from = "/jarvis.asc" to = "/pubkey.asc" status = 301 [[redirects]] from = "/img/me_large.jpg" to = "/img/me.jpg" status = 301 [[redirects]] from = "/me.jpg" to = "/img/me.jpg" status = 301 [[redirects]] from = "/me_large.jpg" to = "/img/me.jpg" status = 301 [[redirects]] from = "/twemoji/svg/*" to = "/vendor/emoji/svg/:splat" status = 301 [[redirects]] from = "/vendor/inter/*" to = "/vendor/fonts/:splat" status = 301 [[redirects]] from = "/img/logo.svg" to = "/img/favicon.svg" status = 302 # Moved these random sites/projects elsewhere (mostly GitHub Pages) to keep # this repo and domain squeaky clean: [[redirects]] from = "/y2k/*" to = "https://jakejarvis.github.io/my-first-website/:splat" status = 302 [[redirects]] from = "/ios-trackers/*" to = "https://jakejarvis.github.io/ios-trackers/:splat" status = 302 [[redirects]] from = "/awesome/*" to = "https://synonymsforawesome.com/" status = 302 [[redirects]] from = "/hugo-node/*" to = "https://github.com/jakejarvis/hugo-extended" status = 302 [[redirects]] from = "/comp20/*" to = "https://jakejarvis.github.io/comp20/:splat" status = 302 [[redirects]] from = "/scrabble/*" to = "https://jakejarvis.github.io/scrabble/:splat" status = 302 # H A C K E R M A N ( ͡° ͜ʖ ͡°) [[redirects]] from = "*/wp-admin/*" to = "/403.html" status = 403 [[redirects]] from = "*/admin/*" to = "/403.html" status = 403 [[redirects]] from = "*/wp-login.php" to = "/403.html" status = 403 [[redirects]] from = "*/login.php" to = "/403.html" status = 403 [[redirects]] from = "*/wlwmanifest.xml" to = "/403.html" status = 403 [[redirects]] from = "*/.git/*" to = "/403.html" status = 403