envs
/
ops
mirror of https://git.envs.net/envs/ops.git
1
0
Fork 0
Code Releases Activity

nginx: add cors blacklist for matrix

This commit is contained in:
creme 2021-02-13 16:18:22 +00:00
parent b5193781c4
commit 67dde161a7
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
etc/nginx/sites-available/envs.net.conf
View File

@ -24,6 +24,16 @@ server {
}
}
map $http_origin $DO_CORS {
# indicates all map values are hostnames and should be parsed as such
hostnames;
# default value
default 'true';
# blocked domains
renaissance.eu.org 'false';
element.renaissance.eu.org 'false';
}
server {
listen 89.163.145.170:443 ssl http2 default_server;
include snippets/listen_local_ssl.conf;
@ -68,13 +78,13 @@ server {
## matrix
location /.well-known/matrix/support {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Origin "$DO_CORS";
add_header Content-Type application/json;
return 200 '{"admins": [{"matrix_id": "@creme:envs.net", "email_address": "hostmaster@envs.net", "role": "admin"}]}';
}
location /.well-known/matrix/ {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Origin "$DO_CORS";
add_header Content-Type application/json;
return 200 '{"m.server": "matrix.envs.net:443", "m.homeserver": {"base_url": "https://matrix.envs.net"}, "m.integrations": {"managers": [{"ui_url": "https://dimension.envs.net/riot", "api_url": "https://dimension.envs.net/api/v1/scalar"}, {"ui_url": "https://scalar.vector.im/", "api_url": "https://scalar.vector.im/api"}]}, "m.integrations_widget": {"url": "https://dimension.envs.net/riot", "data": {"api_url": "https://dimension.envs.net/api/v1/scalar"}}}';
}