Enhance Shopware role: fix init script permissions, CSP for data: fonts, and unify shell usage

- Added 'font-src data:' to CSP whitelist to allow inline fonts in Admin UI - Refactored init.sh to run as root only for volume permission setup, then drop privileges to www-data - Unified all bash invocations to sh for POSIX compliance - Added missing 'bundles' named volume and mount to Docker Compose - Set init container to run as root (0:0) for permission setup - Added admin user rename step via Ansible task See discussion: https://chatgpt.com/share/69087361-859c-800f-862c-7413350cca3e
2025-11-16 18:16:25 +00:00 · 2025-11-03 10:18:45 +01:00
parent df8390f386
commit 0bf286f62a
8 changed files with 148 additions and 63 deletions
--- a/roles/web-app-shopware/config/main.yml
+++ b/roles/web-app-shopware/config/main.yml
@@ -10,7 +10,10 @@ server:
    flags:
      script-src-elem:
        unsafe-inline:  true
-    whitelist: {}
+        unsafe-eval:    true
+    whitelist:
+      font-src:
+        - "data:"
  domains:
    aliases: []
    canonical: