Adapt to new middleware model
This commit is contained in:
parent
20b6495c8b
commit
87d9fff606
|
@ -83,9 +83,8 @@ job "onlyoffice" {
|
|||
"traefik.http.routers.onlyoffice.rule=Host(`oods.example.org`)",
|
||||
"traefik.http.routers.onlyoffice.entrypoints=https",
|
||||
"traefik.http.middlewares.onlyoffice-csp.headers.contentsecuritypolicy=connect-src 'self' https://www.zotero.org https://cdn.jsdelivr.net https://cdn.rawgit.com https://translate.googleapis.com https://code.responsivevoice.org https://onlyoffice.github.io;default-src 'self';font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com;frame-src 'self' https://www.youtube.com https://onlyoffice.github.io;img-src 'self' data: https://*;media-src 'self' https://code.responsivevoice.org;script-src 'self' 'wasm-unsafe-eval' 'unsafe-inline' 'unsafe-eval' blob: https://ajax.googleapis.com https://www.youtube.com/ https://*.cloudfront.net https://cdn.rawgit.com https://code.jquery.com https://translate.googleapis.com https://code.responsivevoice.org https://cdn.jsdelivr.net https://onlyoffice.github.io;style-src 'self' 'unsafe-inline' data: https://fonts.googleapis.com https://translate.googleapis.com https://onlyoffice.github.io;",
|
||||
"traefik.http.routers.onlyoffice.middlewares=onlyoffice-csp,onlyoffice-headers,rate-limit-std@file,inflight-std@file,security-headers@file,hsts@file,compression@file",
|
||||
"traefik.http.routers.onlyoffice.middlewares=security-headers@file,rate-limit-std@file,forward-proto@file,inflight-std@file,hsts@file,compression@file,onlyoffice-csp",
|
||||
|
||||
"traefik.http.middlewares.onlyoffice-headers.headers.customrequestheaders.X-Forwarded-Proto=https",
|
||||
]
|
||||
|
||||
}
|
||||
|
|
|
@ -39,7 +39,6 @@ job "[[ .instance ]]" {
|
|||
|
||||
tags = [
|
||||
[[ template "common/traefik_tags" $c ]]
|
||||
"[[ $c.traefik.instance ]].http.middlewares.[[ .instance ]]-headers[[ $c.consul.suffix ]].headers.customrequestheaders.X-Forwarded-Proto=https",
|
||||
]
|
||||
|
||||
}
|
||||
|
|
|
@ -36,12 +36,9 @@ oo:
|
|||
# Controls how the service will be exposed with Traefik
|
||||
traefik:
|
||||
enabled: true
|
||||
specific_middlewares:
|
||||
- '[[ .instance ]]-headers[[ .consul.suffix ]]'
|
||||
|
||||
# OnlyOffice needs some specific CSP rules
|
||||
csp:
|
||||
default-src: "'self'"
|
||||
img-src: "'self' data: https://*"
|
||||
script-src: "'self' 'wasm-unsafe-eval' 'unsafe-inline' 'unsafe-eval' blob: https://ajax.googleapis.com https://www.youtube.com/ https://*.cloudfront.net https://cdn.rawgit.com https://code.jquery.com https://translate.googleapis.com https://code.responsivevoice.org https://cdn.jsdelivr.net https://onlyoffice.github.io"
|
||||
style-src: "'self' 'unsafe-inline' data: https://fonts.googleapis.com https://translate.googleapis.com https://onlyoffice.github.io"
|
||||
|
@ -50,9 +47,6 @@ oo:
|
|||
media-src: "'self' https://code.responsivevoice.org"
|
||||
frame-src: "'self' https://www.youtube.com https://onlyoffice.github.io"
|
||||
|
||||
middlewares:
|
||||
- compression@file
|
||||
|
||||
# Wait for the database server to be ready before starting
|
||||
wait_for:
|
||||
- service: 'master.postgres[[ .consul.suffix ]]'
|
||||
|
|
Loading…
Reference in New Issue