kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 15:06:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Implemented more detailed configuration for landing_page, css and matomo and restructured code

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-03-19 20:26:43 +01:00
parent f23850068a
commit 72693e09e2
12 changed files with 277 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/nginx-docker-reverse-proxy/templates/iframe.conf.j2 Normal file
View File

@@ -0,0 +1,4 @@
{% if landingpage_iframe_enabled | bool %}
add_header X-Frame-Options "SAMEORIGIN" always; # Allow iframe embedding only from the same origin
add_header Content-Security-Policy "frame-ancestors {{primary_domain}};" always; # Restrict embedding to the specified primary domain
{% endif %}

7
roles/nginx-docker-reverse-proxy/templates/proxy_pass.conf.j2
View File

@@ -14,12 +14,7 @@ location {{location | default("/")}}
proxy_set_header X-Forwarded-Port 443;
proxy_set_header Accept-Encoding "";
{% if nginx.iframe | bool %}
# activate embedding via iframe
add_header X-Frame-Options "SAMEORIGIN" always;
add_header Content-Security-Policy "frame-ancestors {{primary_domain}} 'self' *.{{primary_domain}};" always;
{% endif %}
{% include 'iframe.conf.j2' %}
# WebSocket specific header
proxy_http_version 1.1;