Merge pull request 'Set the nginx Content-Security-Policy header to allow embedding the Gitea instance in an iframe on the pad.lassul.us instance.' (#148) from Qubasa-main into main
All checks were successful
checks / test (push) Successful in 26s
All checks were successful
checks / test (push) Successful in 26s
This commit is contained in:
commit
60b8b56522
|
@ -36,8 +36,10 @@
|
||||||
services.nginx.virtualHosts."git.clan.lol" = {
|
services.nginx.virtualHosts."git.clan.lol" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
# The add_header directive is used to set the Content-Security-Policy header to allow embedding the Gitea instance in an iframe on the pad.lassul.us instance.
|
||||||
locations."/".extraConfig = ''
|
locations."/".extraConfig = ''
|
||||||
proxy_pass http://localhost:3002;
|
proxy_pass http://localhost:3002;
|
||||||
|
add_header Content-Security-Policy "frame-ancestors 'self' https://pad.lassul.us";
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user