ruangrupa/kios-webapp
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ec0e7601c4
kios-webapp/docker-compose-prod.yml
Max Schmidt 134820e898 test 
Signed-off-by: Max Schmidt <max.schmidt@outlook.de>
2023-05-17 16:27:48 +02:00

48 lines
2.7 KiB
YAML
Raw Blame History

services:
astro:
build:
context: astro
target: prod
environment:
PAYLOAD_URL: ${PAYLOAD_URL}
labels:
- "traefik.enable=true"
- "traefik.http.routers.${NAME}-astro.rule=Host(`${ASTRO_URL}`)"
- "traefik.http.routers.${NAME}-astro.entrypoints=https"
- "traefik.http.routers.${NAME}-astro.tls.certresolver=httpresolver"
- "traefik.http.routers.${NAME}-astro.middlewares=security-headers-${NAME}-astro"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.accesscontrolallowmethods=GET, OPTIONS, PUT, POST, DELETE, HEAD, PATCH"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.accesscontrolmaxage=100"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.addvaryheader=true"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.hostsproxyheaders=X-Forwarded-Host"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.sslredirect=true"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.sslproxyheaders.X-Forwarded-Proto=https"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.stsseconds=63072000"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.stsincludesubdomains=true"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.stspreload=true"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.forcestsheader=true"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.permissionspolicy=camera=(), accelerometer=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=()"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.framedeny=true"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.contentsecuritypolicy=default-src 'none'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' data:; style-src 'self' 'unsafe-inline'"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.contenttypenosniff=true"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.browserxssfilter=true"
- "traefik.http.middlewares.security-headers-${NAME}-astro.headers.referrerpolicy=same-origin"
- traefik.docker.network=traefik_network
networks:
- traefik_network
payload:
build:
context: payload
target: prod
labels:
- traefik.enable=true
- traefik.http.routers.${NAME}-payload.rule=Host(`${PAYLOAD_URL}`)
- traefik.http.routers.${NAME}-payload.entrypoints=https
- traefik.http.routers.${NAME}-payload.tls.certresolver=httpresolver
- traefik.docker.network=traefik_network
networks:
traefik_network:
external: true
Reference in New Issue View Git Blame Copy Permalink