hackmd: SSL, temporary CSP'fix

2018-05-01 11:49:42 +02:00 · 2018-05-01 11:49:42 +02:00 · d3a50a75d6
commit d3a50a75d6
parent e24a9ede41
1 changed files with 2 additions and 3 deletions
--- a/roles/hackmd/templates/config.json.j2
+++ b/roles/hackmd/templates/config.json.j2
@ -1,6 +1,7 @@
 {
    "production": {
        "domain": "{{ hackmd_domain }}",
+        "protocolUseSSL": true,
        "_hsts": {
            "enable": true,
            "maxAgeSeconds": "31536000",
@ -8,9 +9,8 @@
            "preload": true
        },
        "csp": {
-            "enable": true,
+            "enable": false,
            "directives": {
-                "imgSrc": ["self", "unsafe-inline"]
            },
            "upgradeInsecureRequests": "auto",
            "addDefaults": true,
@ -35,7 +35,6 @@
            "usernameField": "cn",
            "useridField": "uid",
            "tlsca": "/etc/ldap/ssl/BKCA.crt"
-            }
        },
        "email": false
    }