Merge pull request 'CORS and security updates' (#2) from cors-security-fix1 into main
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Reviewed-on: #2
This commit is contained in:
commit
2190210bc1
4 changed files with 9 additions and 4 deletions
|
@ -3,13 +3,15 @@ steps:
|
||||||
image: nixos/nix
|
image: nixos/nix
|
||||||
commands:
|
commands:
|
||||||
- echo 'experimental-features = flakes nix-command' >> /etc/nix/nix.conf
|
- echo 'experimental-features = flakes nix-command' >> /etc/nix/nix.conf
|
||||||
|
- nix profile install nixpkgs#gnused --impure
|
||||||
|
- sed -i "s|base_url = \"https://www.softinio.com\"|base_url = \"https://$CI_COMMIT_BRANCH.softinio.com\"|" ./config.toml
|
||||||
- nix build
|
- nix build
|
||||||
- nix flake show
|
- nix flake show
|
||||||
- ls result
|
- ls result
|
||||||
- nix develop --command wrangler pages deploy result --branch=$CI_COMMIT_SOURCE_BRANCH --project-name=softinio --commit-dirty=true
|
- nix develop --command wrangler pages deploy result --branch=$CI_COMMIT_BRANCH --project-name=softinio --commit-dirty=true
|
||||||
secrets: [ cloudflare_account_id, cloudflare_api_token ]
|
secrets: [ cloudflare_account_id, cloudflare_api_token ]
|
||||||
when:
|
when:
|
||||||
event: [push, pull_request]
|
event: [push]
|
||||||
branch:
|
branch:
|
||||||
exclude: [ main ]
|
exclude: [ main ]
|
||||||
|
|
||||||
|
|
|
@ -197,7 +197,7 @@ copyright = "© $CURRENT_YEAR $AUTHOR $SEPARATOR Unless otherwise noted, the con
|
||||||
allowed_domains = [
|
allowed_domains = [
|
||||||
{ directive = "font-src", domains = ["'self'", "data:"] },
|
{ directive = "font-src", domains = ["'self'", "data:"] },
|
||||||
{ directive = "img-src", domains = ["'self'", "https://*", "data:"] },
|
{ directive = "img-src", domains = ["'self'", "https://*", "data:"] },
|
||||||
{ directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js"] },
|
{ directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com"] },
|
||||||
{ directive = "style-src", domains = ["'self'"] },
|
{ directive = "style-src", domains = ["'self'"] },
|
||||||
{ directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com", "https://watch.softinio.com", "https://notes.softinio.com/embed"] },
|
{ directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com", "https://watch.softinio.com", "https://notes.softinio.com/embed"] },
|
||||||
]
|
]
|
||||||
|
|
|
@ -31,7 +31,7 @@
|
||||||
ln -snf "${theme}" "themes/${themeName}"
|
ln -snf "${theme}" "themes/${themeName}"
|
||||||
'';
|
'';
|
||||||
buildPhase = ''
|
buildPhase = ''
|
||||||
zola build
|
zola build -f
|
||||||
'';
|
'';
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
mkdir -p $out
|
mkdir -p $out
|
||||||
|
|
3
static/_headers
Normal file
3
static/_headers
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
/*
|
||||||
|
Access-Control-Allow-Origin: https://www.softinio.com https://comments.softinio.com https://*.softinio.pages.dev
|
||||||
|
|
Loading…
Reference in a new issue