Modules: add Airsonic proxying rules (still hasn't fixed video playback)

2024-07-12 11:11:20 -04:00 · 2024-07-12 11:11:20 -04:00 · eebf15065c
parent 5cf65e221b
commit eebf15065c
1 changed files with 9 additions and 8 deletions
--- a/modules/services/airsonic.nix
+++ b/modules/services/airsonic.nix
@ -44,14 +44,15 @@ in
          proxyPass = "http://127.0.0.1:4040";
          proxyWebsockets = true;
          extraConfig = ''
-             # Taken from https://airsonic.github.io/docs/proxy/nginx/
-                      	proxy_set_header X-Real-IP         $remote_addr;
-            	        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
-                	    proxy_set_header X-Forwarded-Proto https;
-            	        proxy_set_header X-Forwarded-Host  $http_host;
-            	        proxy_set_header Host              $http_host;
-            	        proxy_max_temp_file_size           0;
-                      	proxy_ssl_server_name on;
+            # Taken from https://airsonic.github.io/docs/proxy/nginx/
+            proxy_set_header X-Real-IP         $remote_addr;
+            proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto https;
+            proxy_set_header X-Forwarded-Host  $host;
+            proxy_set_header Host              $host;
+            proxy_max_temp_file_size           0;
+            proxy_ssl_server_name on;
+            add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.gstatic.com; img-src 'self' *.akamaized.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' fonts.gstatic.com; frame-src 'self'; object-src 'none'";
          '';
        };
      };