Adapt to new middleware model
This commit is contained in:
parent
a9042820f2
commit
37fcbf6c32
|
@ -63,8 +63,9 @@ job "bookstack" {
|
|||
"traefik.enable=true",
|
||||
"traefik.http.routers.bookstack.rule=Host(`bookstack.example.org`)",
|
||||
"traefik.http.routers.bookstack.entrypoints=https",
|
||||
"traefik.http.middlewares.bookstack-csp.headers.contentsecuritypolicy=default-src 'self';font-src 'self' data:;img-src 'self' blob: data:;script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline';",
|
||||
"traefik.http.routers.bookstack.middlewares=bookstack-csp,rate-limit-std@file,inflight-std@file,security-headers@file,hsts@file,compression@file",
|
||||
"traefik.http.middlewares.bookstack-csp.headers.contentsecuritypolicy=default-src 'self';font-src 'self' data:;img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';",
|
||||
"traefik.http.middlewares.bookstack-proxy.headers.customrequestheaders.X-Forwarded-Proto=https",
|
||||
"traefik.http.routers.bookstack.middlewares=security-headers@file,rate-limit-std@file,bookstack-proxy,inflight-std@file,hsts@file,compression@file,bookstack-csp",
|
||||
|
||||
]
|
||||
}
|
||||
|
|
|
@ -80,19 +80,8 @@ bookstack:
|
|||
public_url: https://bookstack.example.org
|
||||
|
||||
# Traefik settings
|
||||
traefik:
|
||||
middlewares:
|
||||
# Can be removed once compression is added back to the default base_middlewares
|
||||
- compression@file
|
||||
traefik: {}
|
||||
|
||||
# Custom CSP to set
|
||||
csp:
|
||||
default-src: "'self'"
|
||||
script-src: "'self' 'unsafe-inline'"
|
||||
img-src: "'self' blob: data:"
|
||||
style-src: "'self' 'unsafe-inline'"
|
||||
font-src: "'self' data:"
|
||||
|
||||
# Volume for data persistence
|
||||
volumes:
|
||||
data:
|
||||
|
|
Loading…
Reference in New Issue