Add CSP reports

[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / default.nix

diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index 7a9a125715341923868830f54ede5a1ed6a9d66e..93d11222785fd860c64dcd7320d1221f35f7b6d8 100644 (file)
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -112,6 +112,7 @@ in {
         ''
           Timeout 600
           ProxyTimeout 600
+          Header always set Content-Security-Policy-Report-Only "${config.myEnv.tools.csp_reports.policies.inline}"
           <Directory "/var/lib/ftp/devtools.immae.eu">
             DirectoryIndex index.php index.htm index.html
             AllowOverride all
@@ -304,6 +305,8 @@ in {
         };
         phpEnv = {
           CONTACT_EMAIL = config.myEnv.tools.contact;
+          CSP_REPORT_URI = with config.myEnv.tools.csp_reports.postgresql;
+            "\"host=${socket} dbname=${database} user=${user} password=${password}\"";
         };
         phpPackage = pkgs.php72;
       };