chore(release): 1.0.0 [skip ci]

# 1.0.0 (2020-08-22)

### Bug Fixes

* add load-config.yml task ([03cfc3b](03cfc3b))
* add vendor files ([7b6d324](7b6d324))
* nginx conf template path ([f0be945](f0be945))

### Features

* add .gitmodules ([1aa86b0](1aa86b0))
* add galaxy.yml ([6bd5bcd](6bd5bcd))

Author: stackhead-bot

vendor/server-configs-nginx/h5bp/basic.conf

@@ -0,0 +1,10 @@
+# Nginx Server Configs | MIT License
+# https://github.com/h5bp/server-configs-nginx
+
+include h5bp/internet_explorer/x-ua-compatible.conf;
+include h5bp/security/referrer-policy.conf;
+include h5bp/security/x-content-type-options.conf;
+include h5bp/security/x-frame-options.conf;
+include h5bp/security/x-xss-protection.conf;
+include h5bp/location/security_file_access.conf;
+include h5bp/cross-origin/requests.conf;

vendor/server-configs-nginx/h5bp/cross-origin/requests.conf

@@ -0,0 +1,18 @@
+# ----------------------------------------------------------------------
+# | Cross-origin requests                                              |
+# ----------------------------------------------------------------------
+
+# Allow cross-origin requests.
+#
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
+# https://enable-cors.org/
+# https://www.w3.org/TR/cors/
+
+# (!) Do not use this without understanding the consequences.
+#     This will permit access from any other website.
+#     Instead of using this file, consider using a specific rule such as
+#     allowing access based on (sub)domain:
+#
+#         add_header Access-Control-Allow-Origin "subdomain.example.com";
+
+add_header Access-Control-Allow-Origin $cors;

vendor/server-configs-nginx/h5bp/cross-origin/resource_timing.conf

@@ -0,0 +1,15 @@
+# ----------------------------------------------------------------------
+# | Cross-origin resource timing                                       |
+# ----------------------------------------------------------------------
+
+# Allow cross-origin access to the timing information for all resources.
+#
+# If a resource isn't served with a `Timing-Allow-Origin` header that would
+# allow its timing information to be shared with the document, some of the
+# attributes of the `PerformanceResourceTiming` object will be set to zero.
+#
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Timing-Allow-Origin
+# https://www.w3.org/TR/resource-timing/
+# https://www.stevesouders.com/blog/2014/08/21/resource-timing-practical-tips/
+
+add_header Timing-Allow-Origin "*";

vendor/server-configs-nginx/h5bp/errors/custom_errors.conf

@@ -0,0 +1,9 @@
+# ----------------------------------------------------------------------
+# | Custom error messages/pages                                        |
+# ----------------------------------------------------------------------
+
+# Customize what Nginx returns to the client in case of an error.
+#
+# https://nginx.org/en/docs/http/ngx_http_core_module.html#error_page
+
+error_page 404 /404.html;

vendor/server-configs-nginx/h5bp/internet_explorer/x-ua-compatible.conf

@@ -0,0 +1,19 @@
+# ----------------------------------------------------------------------
+# | Document modes                                                     |
+# ----------------------------------------------------------------------
+
+# Force Internet Explorer 8/9/10 to render pages in the highest mode
+# available in various cases when it may not.
+#
+# https://hsivonen.fi/doctype/#ie8
+#
+# (!) Starting with Internet Explorer 11, document modes are deprecated.
+#     If your business still relies on older web apps and services that were
+#     designed for older versions of Internet Explorer, you might want to
+#     consider enabling `Enterprise Mode` throughout your company.
+#
+# https://msdn.microsoft.com/en-us/library/ie/bg182625.aspx#docmode
+# https://blogs.msdn.microsoft.com/ie/2014/04/02/stay-up-to-date-with-enterprise-mode-for-internet-explorer-11/
+# https://msdn.microsoft.com/en-us/library/ff955275.aspx
+
+add_header X-UA-Compatible $x_ua_compatible;

vendor/server-configs-nginx/h5bp/location/security_file_access.conf

@@ -0,0 +1,41 @@
+# ----------------------------------------------------------------------
+# | File access                                                        |
+# ----------------------------------------------------------------------
+
+# Block access to all hidden files and directories except for the
+# visible content from within the `/.well-known/` hidden directory.
+#
+# These types of files usually contain user preferences or the preserved state
+# of a utility, and can include rather private places like, for example, the
+# `.git` or `.svn` directories.
+#
+# The `/.well-known/` directory represents the standard (RFC 5785) path prefix
+# for "well-known locations" (e.g.: `/.well-known/manifest.json`,
+# `/.well-known/keybase.txt`), and therefore, access to its visible content
+# should not be blocked.
+#
+# https://www.mnot.net/blog/2010/04/07/well-known
+# https://tools.ietf.org/html/rfc5785
+
+location ~* /\.(?!well-known\/) {
+  deny all;
+}
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+# Block access to files that can expose sensitive information.
+#
+# By default, block access to backup and source files that may be left by some
+# text editors and can pose a security risk when anyone has access to them.
+#
+# https://feross.org/cmsploit/
+#
+# (!) Update the `location` regular expression from below to include any files
+#     that might end up on your production server and can expose sensitive
+#     information about your website. These files may include: configuration
+#     files, files that contain metadata about the project (e.g.: project
+#     dependencies, build scripts, etc.).
+
+location ~* (?:#.*#|\.(?:bak|conf|dist|fla|in[ci]|log|orig|psd|sh|sql|sw[op])|~)$ {
+  deny all;
+}

vendor/server-configs-nginx/h5bp/location/web_performance_filename-based_cache_busting.conf

@@ -0,0 +1,14 @@
+# ----------------------------------------------------------------------
+# | Filename-based cache busting                                       |
+# ----------------------------------------------------------------------
+
+# If you're not using a build process to manage your filename version revving,
+# you might want to consider enabling the following directives.
+#
+# To understand why this is important and even a better solution than using
+# something like `*.css?v231`, please see:
+# https://www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/
+
+location ~* (.+)\.(?:\w+)\.(bmp|css|cur|gif|ico|jpe?g|m?js|png|svgz?|webp|webmanifest)$ {
+  try_files $uri $1.$2;
+}

vendor/server-configs-nginx/h5bp/location/web_performance_svgz-compression.conf

@@ -0,0 +1,16 @@
+# ----------------------------------------------------------------------
+# | SVGZ Compression                                                   |
+# ----------------------------------------------------------------------
+
+# SVGZ files are already compressed.
+# Disable gzip function for `.svgz` files.
+
+location ~* \.svgz$ {
+    gzip off;
+    add_header Content-Encoding gzip;
+
+    include h5bp/security/x-content-type-options.conf;
+    include h5bp/security/content-security-policy.conf;
+    include h5bp/security/referrer-policy.conf;
+    include h5bp/cross-origin/requests.conf;
+}

vendor/server-configs-nginx/h5bp/media_types/character_encodings.conf

@@ -0,0 +1,32 @@
+# ----------------------------------------------------------------------
+# | Character encodings                                                |
+# ----------------------------------------------------------------------
+
+# Serve all resources labeled as `text/html` or `text/plain` with the media type
+# `charset` parameter set to `UTF-8`.
+#
+# https://nginx.org/en/docs/http/ngx_http_charset_module.html#charset
+
+charset utf-8;
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+# Update charset_types to match updated mime.types.
+# `text/html` is always included by charset module.
+# Default: text/html text/xml text/plain text/vnd.wap.wml application/javascript application/rss+xml
+#
+# https://nginx.org/en/docs/http/ngx_http_charset_module.html#charset_types
+
+charset_types
+    text/css
+    text/plain
+    text/vnd.wap.wml
+    text/javascript
+    text/markdown
+    text/calendar
+    text/x-component
+    text/vcard
+    text/cache-manifest
+    text/vtt
+    application/json
+    application/manifest+json;

vendor/server-configs-nginx/h5bp/media_types/media_types.conf

@@ -0,0 +1,18 @@
+# ----------------------------------------------------------------------
+# | Media types                                                        |
+# ----------------------------------------------------------------------
+
+# Serve resources with the proper media types (f.k.a. MIME types).
+#
+# https://www.iana.org/assignments/media-types/media-types.xhtml
+# https://nginx.org/en/docs/http/ngx_http_core_module.html#types
+
+include mime.types;
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+# Default: text/plain
+#
+# https://nginx.org/en/docs/http/ngx_http_core_module.html#default_type
+
+default_type application/octet-stream;