Add centralized include for Access-Control-Allow headers across proxy/service Nginx templates and align ACA vars for simpleicons task.

Ref: https://chatgpt.com/share/68dbf59c-f424-800f-aa27-787db52e260f
This commit is contained in:
2025-09-30 17:22:28 +02:00
parent 1d5a50abf2
commit 09a4c243d7
7 changed files with 16 additions and 4 deletions

View File

@@ -19,6 +19,8 @@ location {{location}}
{% include 'roles/sys-svc-proxy/templates/headers/content_security_policy.conf.j2' %}
{% include 'roles/sys-svc-proxy/templates/headers/access_control_allow.conf.j2' %}
# WebSocket specific header
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;

View File

@@ -6,6 +6,8 @@ server {
{% include 'roles/sys-front-inj-all/templates/server.conf.j2'%}
{% include 'roles/sys-svc-proxy/templates/headers/content_security_policy.conf.j2' %}
{% include 'roles/sys-svc-proxy/templates/headers/access_control_allow.conf.j2' %}
##
# Application

View File

@@ -7,6 +7,8 @@ server
{% include 'roles/sys-front-inj-all/templates/server.conf.j2'%}
{% include 'roles/sys-svc-proxy/templates/headers/content_security_policy.conf.j2' %}
{% include 'roles/sys-svc-proxy/templates/headers/access_control_allow.conf.j2' %}
charset utf-8;

View File

@@ -2,10 +2,13 @@ server {
server_name {{ domain }};
{% include 'roles/sys-svc-letsencrypt/templates/ssl_header.j2' %}
{% include 'roles/sys-front-inj-all/templates/server.conf.j2'%}
{% include 'roles/sys-svc-proxy/templates/headers/content_security_policy.conf.j2' %}
{% include 'roles/sys-svc-proxy/templates/headers/access_control_allow.conf.j2' %}
{# Normal HTTP routes (discovery, browser, assets) no Lua injection #}
{% set proxy_lua_enabled = false %}
{% set location = "/" %}

View File

@@ -8,6 +8,8 @@ server
{% include 'roles/sys-svc-proxy/templates/headers/content_security_policy.conf.j2' %}
{% include 'roles/sys-svc-proxy/templates/headers/access_control_allow.conf.j2' %}
charset utf-8;
location /

View File

@@ -7,6 +7,8 @@ server
{% include 'roles/sys-front-inj-all/templates/server.conf.j2'%}
{% include 'roles/sys-svc-proxy/templates/headers/content_security_policy.conf.j2' %}
{% include 'roles/sys-svc-proxy/templates/headers/access_control_allow.conf.j2' %}
charset utf-8;

View File

@@ -4,10 +4,9 @@
include_role:
name: sys-stk-full-stateless
vars:
aca_origin: "* always"
aca_methods: "'GET, OPTIONS' always"
aca_headers: "'Accept, Authorization, Content-Type' always"
aca_origin: "* always"
aca_methods: "'GET, OPTIONS' always"
aca_headers: '"Origin, X-Requested-With, Content-Type, Accept, Authorization" always'
- name: "Copy '{{ application_id }}' files"
template:
src: "{{ item.source }}"