nixos-config/machines/renge/services/element-web.nix
Simon Bruder 391234776a
renge/element-web: Fix frame-ancestors CSP
Something changed in how Firefox interprets the CSP, which made loading
element web fail.
2024-08-08 21:26:14 +02:00

49 lines
1.4 KiB
Nix
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# SPDX-FileCopyrightText: 2021-2023 Simon Bruder <simon@sbruder.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
{ lib, pkgs, ... }:
{
services.nginx.virtualHosts."chat.sbruder.de" = {
enableACME = true;
forceSSL = true;
root = pkgs.element-web;
# https://github.com/vector-im/element-web#configuration-best-practices
extraConfig = ''
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "frame-ancestors 'self'";
'';
# nixpkgss override mechanism doesnt allow overriding of all options
locations."=/config.chat.sbruder.de.json".alias = pkgs.writeText "config.chat.sbruder.de.json" (lib.generators.toJSON { } {
default_server_config = {
"m.homeserver" = {
base_url = "https://matrix.sbruder.de";
server_name = "matrix.sbruder.de";
};
};
show_labs_settings = true;
branding = {
auth_footer_links = [ ];
};
piwik = false;
default_country_code = "DE";
setting_defaults = {
"UIFeature.feedback" = false;
"UIFeature.shareSocial" = false;
"UIFeature.identityServer" = false;
"UIFeature.thirdPartyId" = false;
};
disable_custom_urls = true;
disable_guests = true;
disable_3pid_login = true;
desktop_builds.available = false;
});
};
}