From 9dd7cfec99736ff2f08abad277c01ec137d17263 Mon Sep 17 00:00:00 2001 From: Bastian de Byl Date: Thu, 5 Oct 2023 21:01:04 -0400 Subject: [PATCH] noticket - nginx fixes for skudak, fulfillr config --- .../roles/podman/templates/fulfillr/production.json.j2 | 2 +- .../nginx/sites/cloud.skudakrennsport.com.https.conf.j2 | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/ansible/roles/podman/templates/fulfillr/production.json.j2 b/ansible/roles/podman/templates/fulfillr/production.json.j2 index 94b9ddb..86b63d6 100644 --- a/ansible/roles/podman/templates/fulfillr/production.json.j2 +++ b/ansible/roles/podman/templates/fulfillr/production.json.j2 @@ -10,6 +10,6 @@ }, "tax": { "ein": "{{ fulfillr_tax_ein }}", - "ioss": "{{ fulfillr_tax_ioss }}", + "ioss": "{{ fulfillr_tax_ioss }}" } } \ No newline at end of file diff --git a/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.https.conf.j2 b/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.https.conf.j2 index 3a4f65c..197c9fb 100644 --- a/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.https.conf.j2 +++ b/ansible/roles/podman/templates/nginx/sites/cloud.skudakrennsport.com.https.conf.j2 @@ -27,12 +27,14 @@ server { ssl_stapling_verify on; location / { - add_header Referrer-Policy "same-origin" always; - add_header Strict-Transport-Security "max-age=630720000; includeSubDomains" always; - add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "same-origin" always; + add_header Strict-Transport-Security "max-age=630720000; includeSubDomains" always; + add_header X-Content-Type-Options "nosniff" always; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; proxy_set_header Upgrade $http_upgrade; proxy_buffering off;