Add docs.clan.lol and localhost to CORS whitelist
All checks were successful
buildbot/nix-build .#checks.x86_64-linux.package-clan-merge Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-clan-merge Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-merge Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-default Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-flake-update Build done.
buildbot/nix-build .#checks.x86_64-linux.treefmt Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-ensure-tea-login Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-create-pr Build done.
buildbot/nix-build .#checks.x86_64-linux.package-gitea Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-flake-update-pr-clan Build done.
buildbot/nix-build .#checks.x86_64-linux.package-job-flake-update-clan-homepage Build done.
buildbot/nix-build .#checks.x86_64-linux.package-job-flake-update-clan-core Build done.
buildbot/nix-build .#checks.x86_64-linux.package-job-flake-update-clan-infra Build done.
buildbot/nix-build .#checks.x86_64-linux.package-renovate Build done.
buildbot/nix-build .#checks.x86_64-linux.nixos-web01 Build done.
buildbot/nix-eval Build done.
All checks were successful
buildbot/nix-build .#checks.x86_64-linux.package-clan-merge Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-clan-merge Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-merge Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-default Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-flake-update Build done.
buildbot/nix-build .#checks.x86_64-linux.treefmt Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-ensure-tea-login Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-create-pr Build done.
buildbot/nix-build .#checks.x86_64-linux.package-gitea Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-flake-update-pr-clan Build done.
buildbot/nix-build .#checks.x86_64-linux.package-job-flake-update-clan-homepage Build done.
buildbot/nix-build .#checks.x86_64-linux.package-job-flake-update-clan-core Build done.
buildbot/nix-build .#checks.x86_64-linux.package-job-flake-update-clan-infra Build done.
buildbot/nix-build .#checks.x86_64-linux.package-renovate Build done.
buildbot/nix-build .#checks.x86_64-linux.nixos-web01 Build done.
buildbot/nix-eval Build done.
This commit is contained in:
parent
8c1adb2e11
commit
3fe170102a
|
@ -50,10 +50,8 @@ in
|
|||
services.nginx.virtualHosts."git.clan.lol" = publog {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
# The add_header directive is used to set the Content-Security-Policy header to allow embedding the Gitea instance in an iframe on the pad.lassul.us instance.
|
||||
locations."/".extraConfig = ''
|
||||
proxy_pass http://localhost:3002;
|
||||
add_header Content-Security-Policy "frame-ancestors 'self' https://pad.lassul.us";
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -36,9 +36,38 @@
|
|||
source_charset utf-8;
|
||||
'';
|
||||
|
||||
# Make sure to expire the cache after 1 hour
|
||||
locations."/".extraConfig = ''
|
||||
add_header Cache-Control "public, max-age=3600";
|
||||
set $cors "false";
|
||||
|
||||
# Allow cross-origin requests from docs.clan.lol
|
||||
if ($http_origin = "https://docs.clan.lol") {
|
||||
set $cors "true";
|
||||
}
|
||||
|
||||
# Allow cross-origin requests from localhost IPs with port 8000
|
||||
if ($http_origin = "http://localhost:8000") {
|
||||
set $cors "true";
|
||||
}
|
||||
|
||||
if ($http_origin = "http://127.0.0.1:8000") {
|
||||
set $cors "true";
|
||||
}
|
||||
|
||||
if ($http_origin = "http://[::1]:8000") {
|
||||
set $cors "true";
|
||||
}
|
||||
|
||||
if ($cors = "true") {
|
||||
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
|
||||
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization' always;
|
||||
}
|
||||
|
||||
if ($cors = "true") {
|
||||
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
|
||||
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization' always;
|
||||
}
|
||||
'';
|
||||
locations."^~ /docs".extraConfig = ''
|
||||
rewrite ^/docs(.*)$ https://docs.clan.lol permanent;
|
||||
|
@ -56,9 +85,9 @@
|
|||
source_charset utf-8;
|
||||
'';
|
||||
|
||||
# Make sure to expire the cache after 1 hour
|
||||
# Make sure to expire the cache after 12 hour
|
||||
locations."/".extraConfig = ''
|
||||
add_header Cache-Control "public, max-age=3600";
|
||||
add_header Cache-Control "public, max-age=43200";
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user