aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2023-07-23 13:59:35 +0200
committerQuentin Dufour <quentin@deuxfleurs.fr>2023-07-23 13:59:35 +0200
commit132ad670a1df0a3b083e35ba823dad5ebaac33a9 (patch)
tree94ac74f3d45d61a40883d7bf119a08d3b14adf25
parent1048456fbf0264f063a43e0c6db31181a45a4dea (diff)
downloadnixcfg-132ad670a1df0a3b083e35ba823dad5ebaac33a9.tar.gz
nixcfg-132ad670a1df0a3b083e35ba823dad5ebaac33a9.zip
lines
-rw-r--r--cluster/prod/app/garage/deploy/garage.hcl2
1 files changed, 2 insertions, 0 deletions
diff --git a/cluster/prod/app/garage/deploy/garage.hcl b/cluster/prod/app/garage/deploy/garage.hcl
index 6e33346..34eb0cc 100644
--- a/cluster/prod/app/garage/deploy/garage.hcl
+++ b/cluster/prod/app/garage/deploy/garage.hcl
@@ -99,9 +99,11 @@ job "garage" {
"garage-web",
"tricot * 1",
#"tricot-add-header Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://code.jquery.com/; frame-ancestors 'self'",
+ "tricot-add-header Content-Security-Policy default-src https: 'unsafe-inline'",
"tricot-add-header Strict-Transport-Security max-age=63072000; includeSubDomains; preload",
"tricot-add-header X-Frame-Options SAMEORIGIN",
"tricot-add-header X-XSS-Protection 1; mode=block",
+ "tricot-add-header X-Content-Type-Options nosniff",
"tricot-site-lb",
]
port = 3902