add xframe options
This commit is contained in:
parent
492b9127e5
commit
6a93603994
|
@ -10,4 +10,4 @@ LETS_ENCRYPT_ENV=production
|
||||||
SECRET_DB_PASSWORD_VERSION=v1
|
SECRET_DB_PASSWORD_VERSION=v1
|
||||||
|
|
||||||
RAILS_TRUSTED_PROXIES=['127.0.0.1', '::1', 'your-traefik_app']
|
RAILS_TRUSTED_PROXIES=['127.0.0.1', '::1', 'your-traefik_app']
|
||||||
|
X_FRAME_OPTIONS_ALLOW_FROM=none
|
||||||
|
|
|
@ -81,6 +81,7 @@ services:
|
||||||
environment:
|
environment:
|
||||||
- NGINX_SERVER_SCHEME=https
|
- NGINX_SERVER_SCHEME=https
|
||||||
- RAILS_TRUSTED_PROXIES
|
- RAILS_TRUSTED_PROXIES
|
||||||
|
- X_FRAME_OPTIONS_ALLOW_FROM
|
||||||
deploy:
|
deploy:
|
||||||
restart_policy:
|
restart_policy:
|
||||||
condition: on-failure
|
condition: on-failure
|
||||||
|
@ -90,6 +91,9 @@ services:
|
||||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-frameOptions"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=allow-from *.local-it.cloud"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
|
||||||
## Redirect from EXTRA_DOMAINS to DOMAIN
|
## Redirect from EXTRA_DOMAINS to DOMAIN
|
||||||
#- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
#- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||||
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||||
|
|
Loading…
Reference in New Issue