nomad
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adapt to new middleware model

This commit is contained in:
Daniel Berteaud 2024-01-28 22:49:01 +01:00
parent a9042820f2
commit 37fcbf6c32
2 changed files with 4 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
example/bookstack.nomad.hcl
View File

@ -63,8 +63,9 @@ job "bookstack" {
"traefik.enable=true",
"traefik.http.routers.bookstack.rule=Host(`bookstack.example.org`)",
"traefik.http.routers.bookstack.entrypoints=https",
"traefik.http.middlewares.bookstack-csp.headers.contentsecuritypolicy=default-src 'self';font-src 'self' data:;img-src 'self' blob: data:;script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline';",
"traefik.http.routers.bookstack.middlewares=bookstack-csp,rate-limit-std@file,inflight-std@file,security-headers@file,hsts@file,compression@file",
"traefik.http.middlewares.bookstack-csp.headers.contentsecuritypolicy=default-src 'self';font-src 'self' data:;img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';",
"traefik.http.middlewares.bookstack-proxy.headers.customrequestheaders.X-Forwarded-Proto=https",
"traefik.http.routers.bookstack.middlewares=security-headers@file,rate-limit-std@file,bookstack-proxy,inflight-std@file,hsts@file,compression@file,bookstack-csp",
]
}

13
variables.yml
View File

@ -80,19 +80,8 @@ bookstack:
public_url: https://bookstack.example.org
# Traefik settings
traefik:
middlewares:
# Can be removed once compression is added back to the default base_middlewares
- compression@file
traefik: {}
# Custom CSP to set
csp:
default-src: "'self'"
script-src: "'self' 'unsafe-inline'"
img-src: "'self' blob: data:"
style-src: "'self' 'unsafe-inline'"
font-src: "'self' data:"
# Volume for data persistence
volumes:
data: