pub-solar/matrix-docker-ansible-deploy
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
matrix-docker-ansible-deploy/roles/custom/matrix-synapse-admin/templates/labels.j2
Slavi Pantaleev c33ed94352 Add security headers to synapse-admin (on Traefik) 
We've had it on `matrix-nginx-proxy` before, but
our initial support for Traefik did not include any of these security
headers.
2023-02-14 08:49:04 +02:00

43 lines
2.3 KiB
Django/Jinja
Raw Blame History

{% if matrix_synapse_admin_container_labels_traefik_enabled %}
traefik.enable=true
{% if matrix_synapse_admin_container_labels_traefik_docker_network %}
traefik.docker.network={{ matrix_synapse_admin_container_labels_traefik_docker_network }}
{% endif %}
{% set middlewares = [] %}
{% if matrix_synapse_admin_container_labels_traefik_path_prefix != '/' %}
traefik.http.middlewares.matrix-synapse-admin-slashless-redirect.redirectregex.regex=({{ matrix_synapse_admin_container_labels_traefik_path_prefix | quote }})$
traefik.http.middlewares.matrix-synapse-admin-slashless-redirect.redirectregex.replacement=${1}/
{% set middlewares = middlewares + ['matrix-synapse-admin-slashless-redirect'] %}
{% endif %}
{% if matrix_synapse_admin_container_labels_traefik_path_prefix != '/' %}
traefik.http.middlewares.matrix-synapse-admin-strip-prefix.stripprefix.prefixes={{ matrix_synapse_admin_container_labels_traefik_path_prefix }}
{% set middlewares = middlewares + ['matrix-synapse-admin-strip-prefix'] %}
{% endif %}
{% if matrix_synapse_admin_container_labels_traefik_additional_response_headers.keys() | length > 0 %}
{% for name, value in matrix_synapse_admin_container_labels_traefik_additional_response_headers.items() %}
traefik.http.middlewares.matrix-synapse-admin-add-headers.headers.customresponseheaders.{{ name }}={{ value }}
{% endfor %}
{% set middlewares = middlewares + ['matrix-synapse-admin-add-headers'] %}
{% endif %}
traefik.http.routers.matrix-synapse-admin.rule={{ matrix_synapse_admin_container_labels_traefik_rule }}
{% if middlewares | length > 0 %}
traefik.http.routers.matrix-synapse-admin.middlewares={{ middlewares | join(',') }}
{% endif %}
traefik.http.routers.matrix-synapse-admin.service=matrix-synapse-admin
traefik.http.routers.matrix-synapse-admin.entrypoints={{ matrix_synapse_admin_container_labels_traefik_entrypoints }}
traefik.http.routers.matrix-synapse-admin.tls={{ matrix_synapse_admin_container_labels_traefik_tls | to_json }}
{% if matrix_synapse_admin_container_labels_traefik_tls %}
traefik.http.routers.matrix-synapse-admin.tls.certResolver={{ matrix_synapse_admin_container_labels_traefik_tls_certResolver }}
{% endif %}
traefik.http.services.matrix-synapse-admin.loadbalancer.server.port=80
{% endif %}
{{ matrix_synapse_admin_container_labels_additional_labels }}
Reference in a new issue View git blame Copy permalink