Added more CSP Configurations for services running on veen.world

2025-05-18 10:40:33 +02:00 · 2025-05-15 11:31:30 +02:00 · 2025-05-15 11:31:30 +02:00 · f7cfd13d5a
commit f7cfd13d5a
parent 1031b61f6a
8 changed files with 54 additions and 7 deletions
--- a/roles/docker-espocrm/vars/configuration.yml
+++ b/roles/docker-espocrm/vars/configuration.yml
@ -15,4 +15,5 @@ features:
 csp:
  flags:
    script-src:
-      unsafe-inline: true
+      unsafe-inline: true
      unsafe-eval:   true
--- a/roles/docker-gitea/vars/configuration.yml
+++ b/roles/docker-gitea/vars/configuration.yml
@ -8,4 +8,16 @@ features:
  matomo:                         true
  css:                            true
  landingpage_iframe:             true
-  central_database:               true
+  central_database:               true
 csp:
  flags:
    script-src:
      unsafe-inline: true
    style-src:
      unsafe-inline: true
  whitelist:
    font-src:
      - "data:"
      - "blob:"
    worker-src:
      - "blob:"
--- a/roles/docker-matrix-compose/vars/configuration.yml
+++ b/roles/docker-matrix-compose/vars/configuration.yml
@ -15,4 +15,10 @@ features:
  css:                true
  landingpage_iframe: false
  oidc:               false                              # Deactivated OIDC due to this issue https://github.com/matrix-org/synapse/issues/10492
-  central_database:   true
+  central_database:   true
 csp:
  flags:
    script-src:
      unsafe-inline: true
    style-src:
      unsafe-inline: true
--- a/roles/docker-moodle/vars/configuration.yml
+++ b/roles/docker-moodle/vars/configuration.yml
@ -8,4 +8,15 @@ features:
  matomo:             true
  css:                true
  landingpage_iframe: false
-  central_database:   true
+  central_database:   true
 csp:
  flags:
    script-src:
      unsafe-inline: true
      unsafe-eval:   true
    style-src:
      unsafe-inline: true
  whitelist:
    font-src:
      - "data:"
      - "blob:"
--- a/roles/docker-nextcloud/vars/configuration.yml
+++ b/roles/docker-nextcloud/vars/configuration.yml
@ -9,7 +9,7 @@ csp:
      unsafe-inline: true
  whitelist:
    font-src:
-      - data:
+      - "data:"
 oidc:
  enabled:                    "{{ applications.nextcloud.features.oidc | default(true) }}"      # Activate OIDC for Nextcloud
  # floavor decides which OICD plugin should be used. 
--- a/roles/docker-pixelfed/vars/configuration.yml
+++ b/roles/docker-pixelfed/vars/configuration.yml
@ -4,4 +4,11 @@ features:
  matomo:             true
  css:                true
  landingpage_iframe: false
-  central_database:   true
+  central_database:   true
 csp:
  flags:
    script-src:
      unsafe-inline: true
      unsafe-eval:   true
    style-src:
      unsafe-inline: true
--- a/roles/docker-taiga/vars/configuration.yml
+++ b/roles/docker-taiga/vars/configuration.yml
@ -12,3 +12,11 @@ features:
  landingpage_iframe: false
  oidc:               false
  central_database:   true
 csp:
  flags:
    script-src:
      unsafe-inline: true
      unsafe-eval:   true
    style-src:
      unsafe-inline: true
--- a/roles/docker-wordpress/vars/configuration.yml
+++ b/roles/docker-wordpress/vars/configuration.yml
@ -24,4 +24,6 @@ csp:
      unsafe-inline: true
  whitelist:
    worker-src:
-      - blob:
+      - "blob:"
    font-src:
      - "data:"