pub/charts
1
0
Fork 0
Code Issues Pull requests Releases Packages 19 Activity Actions

funkwhale: Fix for potential startup issue

Browse source 
Also updates the nginx config to the current version
This commit is contained in:
Alexander Olofsson 2022-01-08 13:35:59 +01:00
parent 9f926c68ed
commit 373ee3cef8
No known key found for this signature in database
GPG key ID: D439C9470CB04C73
3 changed files with 35 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
charts/funkwhale/Chart.yaml
View file

@ -4,7 +4,7 @@ appVersion: "1.2.1"
description: A social platform to enjoy and share music description: A social platform to enjoy and share music
icon: https://funkwhale.audio/favicon.png icon: https://funkwhale.audio/favicon.png
name: funkwhale name: funkwhale
version: 0.4.4 version: 0.4.5
dependencies: dependencies:
- name: redis - name: redis

38
charts/funkwhale/templates/configmap-front.yaml
View file

@ -28,9 +28,36 @@ data:
root /frontend; root /frontend;
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:; worker-src 'self'";
add_header Referrer-Policy "strict-origin-when-cross-origin"; add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header X-Frame-Options "SAMEORIGIN" always;
# compression settings
gzip on;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
application/javascript
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
# end of compression settings
location / { location / {
include /etc/nginx/funkwhale_proxy.conf; include /etc/nginx/funkwhale_proxy.conf;
@ -40,7 +67,7 @@ data:
} }
location /front/ { location /front/ {
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:; worker-src 'self'";
add_header Referrer-Policy "strict-origin-when-cross-origin"; add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header Service-Worker-Allowed "/"; add_header Service-Worker-Allowed "/";
add_header X-Frame-Options "ALLOW"; add_header X-Frame-Options "ALLOW";
@ -51,10 +78,10 @@ data:
} }
location /front/embed.html { location /front/embed.html {
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:; worker-src 'self'";
add_header Referrer-Policy "strict-origin-when-cross-origin"; add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header X-Frame-Options "ALLOW"; add_header X-Frame-Options "" always;
alias /frontend/embed.html; alias /frontend/embed.html;
expires 30d; expires 30d;
add_header Pragma public; add_header Pragma public;
@ -84,6 +111,7 @@ data:
{{- if .Values.s3.enabled }} {{- if .Values.s3.enabled }}
location ~ /_protected/media/(.+) { location ~ /_protected/media/(.+) {
internal; internal;
# Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932
proxy_set_header Authorization ""; proxy_set_header Authorization "";
proxy_pass $1; proxy_pass $1;
} }
@ -103,7 +131,7 @@ data:
# has been checked on API side # has been checked on API side
# Set this to the same value as your MUSIC_DIRECTORY_PATH setting # Set this to the same value as your MUSIC_DIRECTORY_PATH setting
internal; internal;
alias ${MUSIC_DIRECTORY_PATH}; alias ${MUSIC_DIRECTORY_SERVE_PATH};
} }
location /staticfiles/ { location /staticfiles/ {

1
charts/funkwhale/templates/configmap.yaml
View file

@ -11,6 +11,7 @@ metadata:
data: data:
FUNKWHALE_HOSTNAME: {{ .Values.ingress.host }} FUNKWHALE_HOSTNAME: {{ .Values.ingress.host }}
FUNKWHALE_PROTOCOL: {{ .Values.ingress.protocol }} FUNKWHALE_PROTOCOL: {{ .Values.ingress.protocol }}
FUNKWHALE_SPA_HTML_ROOT: http://localhost/front/
REVERSE_PROXY_TYPE: nginx REVERSE_PROXY_TYPE: nginx
MEDIA_ROOT: /srv/funkwhale/data/media MEDIA_ROOT: /srv/funkwhale/data/media
STATIC_ROOT: /srv/funkwhale/data/static STATIC_ROOT: /srv/funkwhale/data/static