apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: onlyoffice-security-headers
spec:
  headers:
    stsSeconds: 31536000
    stsIncludeSubdomains: true
    stsPreload: true
    browserXssFilter: true
    contentTypeNosniff: true
    referrerPolicy: "no-referrer"
    customResponseHeaders:
      X-Content-Type-Options: "nosniff"
      X-XSS-Protection: "1; mode=block"
      X-Frame-Options: "ALLOW-FROM https://cloud.limbosolutions.com"
      Content-Security-Policy: "frame-ancestors https://cloud.limbosolutions.com"


---
# required because of only office, iframes being generated with http
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: onlyoffice-headers
spec:
  headers:
    customRequestHeaders:
      X-Forwarded-Proto: "https"
      X-Forwarded-Ssl: "on"
      X-Forwarded-Port: "443"