ingress/internal: relax security
All checks were successful
/ continuous-deploy (push) Successful in 23s
All checks were successful
/ continuous-deploy (push) Successful in 23s
ingress/public: disabled authentik-forward-auth (problems with phone clients) middlewares/rate-limit: increase values middlewares/security-headers:- added sts - fix nextcloud warning Some headers are not set correctly on your instance - The Strict-Transport-Security HTTP header is not set (should be at least 15552000 seconds). For enhanced security, it is recommended to enable HSTS
This commit is contained in:
Márcio Fernandes
@@ -17,8 +17,8 @@ metadata:
|
||||
name: rate-limit
|
||||
spec:
|
||||
rateLimit:
|
||||
average: 50
|
||||
burst: 100
|
||||
average: 100
|
||||
burst: 500
|
||||
|
||||
---
|
||||
# Optional: security headers for UI
|
||||
@@ -28,19 +28,19 @@ metadata:
|
||||
name: nextcloud-security-headers
|
||||
spec:
|
||||
headers:
|
||||
stsSeconds: 31536000
|
||||
stsIncludeSubdomains: true
|
||||
stsPreload: true
|
||||
browserXssFilter: true
|
||||
contentTypeNosniff: true
|
||||
frameDeny: true
|
||||
frameDeny: false
|
||||
referrerPolicy: "no-referrer"
|
||||
stsSeconds: 15552000
|
||||
stsIncludeSubdomains: true
|
||||
stsPreload: true
|
||||
customResponseHeaders:
|
||||
X-Content-Type-Options: "nosniff"
|
||||
X-Frame-Options: "DENY"
|
||||
X-Frame-Options: "SAMEORIGIN"
|
||||
X-XSS-Protection: "1; mode=block"
|
||||
|
||||
---
|
||||
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
|
||||
Reference in New Issue
Block a user