forked from coop-cloud/nextcloud
yksflip
16ad6c22ea
This introduces new env variables to configure nextloud to be embedded via iframe on an external site. Setting X_FRAME_OPTIONS_ENABLED=1 will configure nginx and nextcloud to set X-Frame-Options and CSP headers to allow the domain configured in X_FRAME_OPTIONS_ALLOW_FROM. I created a PR because I'm not sure if this is helpful for other people or just a custom hack that bloats the recipe :D Co-authored-by: Philipp Rothmann <philipprothmann@posteo.de> Reviewed-on: coop-cloud/nextcloud#28
10 lines
338 B
Bash
10 lines
338 B
Bash
#!/bin/bash
|
|
|
|
{{ if eq (env "X_FRAME_OPTIONS_ENABLED") "1" }}
|
|
if ! [[ $(grep {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }} lib/public/AppFramework/Http/ContentSecurityPolicy.php) ]]; then
|
|
sed -i "91 a\\\t\t'{{ env "X_FRAME_OPTIONS_ALLOW_FROM" }}', " lib/public/AppFramework/Http/ContentSecurityPolicy.php
|
|
fi
|
|
{{ end }}
|
|
|
|
/entrypoint.sh php-fpm
|