Set the nginx Content-Security-Policy header to allow embedding the Gitea instance in an iframe on the pad.lassul.us instance.
This commit is contained in:
parent
c69be4155d
commit
b14d3f97e2
|
@ -36,8 +36,10 @@
|
||||||
services.nginx.virtualHosts."git.clan.lol" = {
|
services.nginx.virtualHosts."git.clan.lol" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
# The add_header directive is used to set the Content-Security-Policy header to allow embedding the Gitea instance in an iframe on the pad.lassul.us instance.
|
||||||
locations."/".extraConfig = ''
|
locations."/".extraConfig = ''
|
||||||
proxy_pass http://localhost:3002;
|
proxy_pass http://localhost:3002;
|
||||||
|
add_header Content-Security-Policy "frame-ancestors 'self' https://pad.lassul.us";
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user