Add docs.clan.lol and localhost to CORS whitelist #180

Merged
clan-bot merged 1 commits from Qubasa-main into main 2024-05-16 12:50:45 +00:00
2 changed files with 33 additions and 6 deletions


@ -50,10 +50,8 @@ in
services.nginx.virtualHosts."git.clan.lol" = publog {
forceSSL = true;
enableACME = true;
# The add_header directive is used to set the Content-Security-Policy header to allow embedding the Gitea instance in an iframe on the pad.lassul.us instance.
locations."/".extraConfig = ''
proxy_pass http://localhost:3002;
add_header Content-Security-Policy "frame-ancestors 'self' https://pad.lassul.us";
'';
};
}


@ -36,9 +36,38 @@
source_charset utf-8;
'';
# Make sure to expire the cache after 1 hour
locations."/".extraConfig = ''
add_header Cache-Control "public, max-age=3600";
set $cors "false";
# Allow cross-origin requests from docs.clan.lol
if ($http_origin = "https://docs.clan.lol") {
set $cors "true";
}
# Allow cross-origin requests from localhost IPs with port 8000
if ($http_origin = "http://localhost:8000") {
set $cors "true";
}
if ($http_origin = "http://127.0.0.1:8000") {
set $cors "true";
}
if ($http_origin = "http://[::1]:8000") {
set $cors "true";
}
if ($cors = "true") {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization' always;
}
if ($cors = "true") {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization' always;
}
'';
locations."^~ /docs".extraConfig = ''
rewrite ^/docs(.*)$ https://docs.clan.lol permanent;
@ -56,9 +85,9 @@
source_charset utf-8;
'';
# Make sure to expire the cache after 1 hour
# Make sure to expire the cache after 12 hour
locations."/".extraConfig = ''
add_header Cache-Control "public, max-age=3600";
add_header Cache-Control "public, max-age=43200";
'';
};
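Review bot: The first hunk of this file echoes `$http_origin` into `Access-Control-Allow-Origin` on a location that is also served with `Cache-Control "public, max-age=3600"`, but sends no `Vary: Origin`, so a shared cache can return a response stored for one origin (or for a request with no Origin) to a different origin; adding `add_header Vary Origin always;` both at the location level and inside the `if ($cors = "true")` block would address that. nginx inherits `add_header` from the enclosing level only when the current level defines none, so inside that `if` the Cache-Control header is probably dropped for allowed origins unless `add_header Cache-Control "public, max-age=3600";` is repeated there. As rendered, the `if ($cors = "true")` block appears twice with identical contents, and one copy looks redundant. If this host only serves public pages, the localhost origins and the `POST`/`Authorization` allowances are broader than needed and could be limited to a development configuration. The virtual-host definition that contains this location starts above the hunk.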