Fix various Traefik headers syntax

`always` is an nginx suffix, which shouldn't have been added to these.
2023-02-20 16:50:39 +02:00 · 2023-02-20 16:50:39 +02:00 · 6cdbde01d7
parent 30185a04e9
commit 6cdbde01d7
4 changed files with 8 additions and 8 deletions
--- a/roles/custom/matrix-client-cinny/defaults/main.yml
+++ b/roles/custom/matrix-client-cinny/defaults/main.yml
@ -95,11 +95,11 @@ matrix_client_cinny_http_header_content_security_policy: frame-ancestors 'self'

 # Specifies the value of the `Permission-Policy` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permission-Policy
-matrix_client_cinny_http_header_content_permission_policy: "{{ 'interest-cohort=() always' if matrix_client_cinny_floc_optout_enabled else '' }}"
+matrix_client_cinny_http_header_content_permission_policy: "{{ 'interest-cohort=()' if matrix_client_cinny_floc_optout_enabled else '' }}"

 # Specifies the value of the `Strict-Transport-Security` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
-matrix_client_cinny_http_header_strict_transport_security: "{{ '\"max-age=31536000; includeSubDomains; preload\" always' if matrix_client_cinny_hsts_preload_enabled else '\"max-age=31536000; includeSubDomains\" always' }}"
+matrix_client_cinny_http_header_strict_transport_security: "max-age=31536000; includeSubDomains{{ '; preload' if matrix_client_cinny_hsts_preload_enabled else '' }}"

 # Controls whether to send a "Permissions-Policy interest-cohort=();" header along with all responses
 #
--- a/roles/custom/matrix-client-element/defaults/main.yml
+++ b/roles/custom/matrix-client-element/defaults/main.yml
@ -98,11 +98,11 @@ matrix_client_element_http_header_content_security_policy: frame-ancestors 'self

 # Specifies the value of the `Permission-Policy` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permission-Policy
-matrix_client_element_http_header_content_permission_policy: "{{ 'interest-cohort=() always' if matrix_client_element_floc_optout_enabled else '' }}"
+matrix_client_element_http_header_content_permission_policy: "{{ 'interest-cohort=()' if matrix_client_element_floc_optout_enabled else '' }}"

 # Specifies the value of the `Strict-Transport-Security` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
-matrix_client_element_http_header_strict_transport_security: "{{ '\"max-age=31536000; includeSubDomains; preload\" always' if matrix_client_element_hsts_preload_enabled else '\"max-age=31536000; includeSubDomains\" always' }}"
+matrix_client_element_http_header_strict_transport_security: "max-age=31536000; includeSubDomains{{ '; preload' if matrix_client_element_hsts_preload_enabled else '' }}"

 # Controls whether to send a "Permissions-Policy interest-cohort=();" header along with all responses
 #
--- a/roles/custom/matrix-client-hydrogen/defaults/main.yml
+++ b/roles/custom/matrix-client-hydrogen/defaults/main.yml
@ -94,11 +94,11 @@ matrix_client_hydrogen_http_header_content_security_policy: frame-ancestors 'sel

 # Specifies the value of the `Permission-Policy` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permission-Policy
-matrix_client_hydrogen_http_header_content_permission_policy: "{{ 'interest-cohort=() always' if matrix_client_hydrogen_floc_optout_enabled else '' }}"
+matrix_client_hydrogen_http_header_content_permission_policy: "{{ 'interest-cohort=()' if matrix_client_hydrogen_floc_optout_enabled else '' }}"

 # Specifies the value of the `Strict-Transport-Security` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
-matrix_client_hydrogen_http_header_strict_transport_security: "{{ '\"max-age=31536000; includeSubDomains; preload\" always' if matrix_client_hydrogen_hsts_preload_enabled else '\"max-age=31536000; includeSubDomains\" always' }}"
+matrix_client_hydrogen_http_header_strict_transport_security: "max-age=31536000; includeSubDomains{{ '; preload' if matrix_client_hydrogen_hsts_preload_enabled else '' }}"

 # Controls whether to send a "Permissions-Policy interest-cohort=();" header along with all responses
 #
--- a/roles/custom/matrix-synapse-admin/defaults/main.yml
+++ b/roles/custom/matrix-synapse-admin/defaults/main.yml
@ -102,11 +102,11 @@ matrix_synapse_admin_http_header_content_security_policy: frame-ancestors 'self'

 # Specifies the value of the `Permission-Policy` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permission-Policy
-matrix_synapse_admin_http_header_content_permission_policy: "{{ 'interest-cohort=() always' if matrix_synapse_admin_floc_optout_enabled else '' }}"
+matrix_synapse_admin_http_header_content_permission_policy: "{{ 'interest-cohort=()' if matrix_synapse_admin_floc_optout_enabled else '' }}"

 # Specifies the value of the `Strict-Transport-Security` header.
 # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
-matrix_synapse_admin_http_header_strict_transport_security: "{{ '\"max-age=31536000; includeSubDomains; preload\" always' if matrix_synapse_admin_hsts_preload_enabled else '\"max-age=31536000; includeSubDomains\" always' }}"
+matrix_synapse_admin_http_header_strict_transport_security: "max-age=31536000; includeSubDomains{{ '; preload' if matrix_synapse_admin_hsts_preload_enabled else '' }}"

 # Controls whether to send a "Permissions-Policy interest-cohort=();" header along with all responses
 #