Commit Graph

53 Commits

Author SHA1 Message Date
Martin McKeaveney 04a2da6a64 enable proxy buffering for calls to OIDC endpoints 2024-11-16 14:50:56 +00:00
Martin McKeaveney 1543e6dc2b env variable for turning off csp 2024-11-10 13:08:51 +00:00
mike12345567 4e27bb97f5 Updating hosting to remove references to watchtower. 2024-11-06 16:05:46 +00:00
Martin McKeaveney ec892a13b6 merge 2024-06-04 12:43:34 +01:00
Martin McKeaveney 3909bbcfc0 NGINX headers for security audit 2024-06-03 15:05:18 +01:00
Dean 995d2154ca Included blob: in worker csp security header. Required for atrament to load 2024-05-20 14:09:07 +01:00
melohagan 187e7b281a
Chore/update csp posthog (#13455)
* Add us.i.posthog.com to CSP

* Allow posthog survey scripts in CSP
2024-04-11 09:57:36 +01:00
melohagan 6613dfad44
Add us.i.posthog.com to CSP (#13453) 2024-04-11 08:40:50 +01:00
Sam Rose 995f24c64f
Allow cluster internal traffic to hit the nginx status endpoint. 2023-12-14 15:35:45 +00:00
Sam Rose 72d2b57e5d
Expose /nginx_status on the proxy image for DataDog collection. 2023-12-06 09:48:27 +00:00
Andrew Kingston 3162d45c5e Update error page again 2023-10-31 09:48:19 +00:00
Andrew Kingston e103e6b85b Use new branding in error fallback page 2023-10-30 10:52:21 +00:00
andz-bb 4bcc49b692 add cloudfront to script csp to fix cloud plugins 2023-10-26 07:33:53 +01:00
Gerard Burns efb3e9d461 correct nginx cors changes 2023-09-21 09:07:50 +01:00
Gerard Burns 36f351e96d Nginx cors changes to allow communicating with account portal from bb front end (#11831) 2023-09-20 12:08:46 +01:00
Dean 2304032423 Added embed state, behaviours and event tracking to client app. UI/UX Refactoring 2023-06-16 12:30:08 +01:00
Martin McKeaveney 927396d580 Update nginx.prod.conf 2023-05-16 11:42:47 +01:00
Martin McKeaveney bbf271961f adding healthcheck to proxy service 2023-05-09 11:48:49 +01:00
Martin McKeaveney b75caa03a6 updating production timeouts 2023-04-21 17:25:55 +01:00
Martin McKeaveney 065c466eeb Merge pull request #9897 from Budibase/fix/csp-media-src
Add budi cdn to CSP media-src directive
2023-03-07 15:42:53 +00:00
Peter Clement f3b7445dcb fix formatting 2023-03-07 14:45:11 +00:00
Peter Clement 9f3f4d37bc Fix s3 csp 2023-03-07 14:37:35 +00:00
andz-bb bf903dc956 update csp media-src to allow media from budi cdn 2023-03-06 17:33:56 +00:00
Peter Clement 55bff3de29 no wildcard at start of s3 csp 2023-02-16 10:18:48 +00:00
Peter Clement e7999504c8 wildcard all amazonaws addresses 2023-02-16 10:13:25 +00:00
Martin McKeaveney 238854aa0e updating onboarding tour and fixing github CSP 2023-02-07 14:49:45 +00:00
Rory Powell b635614f77 Allow proxy upstream URLs to be configured at runtime (#7413)
* allow proxy upstream urls to be configured at runtime

* make dynamic upstream urls in proxy the default behaviour

* reorder env directives

* Use appVersion for proxy image

* Update couch upstream for proxy

* proxy ci updates - WIP

* allowing custom resolvers in proxy service deployment

* remove generateProxyConf script for prod and remove from builds

* remove generateProxyConfig script

* removing nginx dev conf

* delete generated nginx conf

Co-authored-by: Thomas Weiß <panos@unbunt.org>
Co-authored-by: Martin McKeaveney <martinmckeaveney@gmail.com>
2022-12-20 16:28:13 +00:00
Andrew Kingston 603c8744a5 Merge branch 'master' into master-develop 2022-10-25 12:03:33 +01:00
Jonny McCullagh d1e729ec55 proxy IPv6 removal needs to happen after envsubst 2022-10-18 09:33:04 +01:00
Jonny McCullagh ecb47851d6 make proxy ipv6 customise script executable 2022-10-17 10:20:09 +01:00
Martin McKeaveney 6ff52c64a3 ipv6 change for master 2022-10-13 18:07:55 +01:00
Jonny McCullagh eecaa61555 remove ipv6 conf from nginx proxy if ipv6 not enabled 2022-10-12 15:02:05 +01:00
Jonny McCullagh af2203fac8 remove ipv6 conf from nginx proxy if ipv6 not enabled 2022-10-12 14:54:25 +01:00
Jonny McCullagh 67301cfb58 remove ipv6 conf from nginx proxy if ipv6 not enabled 2022-10-12 14:53:06 +01:00
Rory Powell 5a34bda3e2 Configurable api rate limit through nginx 2022-09-05 09:54:07 +01:00
Rory Powell dc35b0da78 Configurable api rate limit through nginx 2022-09-05 09:09:43 +01:00
Rory Powell c94d916050 Add seperate rate limiting config for webhooks + environment variable support 2022-08-05 17:41:55 +01:00
Rory Powell be16540a8f Replace spectrum with custom CSS 2022-04-25 16:39:44 +01:00
Rory Powell 5d2205a9bb Add static html error page to nginx for 502, 503, 504 2022-03-31 15:58:45 +01:00
Martin McKeaveney 1cbca0578a removing need for handlebars in nginx script, automating proxy service deployment 2022-02-22 13:24:21 +01:00
Martin McKeaveney 387e5035d1 update gitignore 2022-02-16 14:16:06 +01:00
Martin McKeaveney a85f667dbe templatize nginx configuration into one prod configuration and add NPM scripts to manage 2022-02-16 14:12:53 +01:00
Martin McKeaveney e7233f9086 increase burst limit, remove log mounts 2022-02-14 17:39:10 +01:00
Martin McKeaveney 57e554a98b fixes for k8s 2022-02-11 19:04:27 +01:00
Martin McKeaveney 27c0eafaf9 CSP fixes 2022-02-11 16:05:35 +01:00
Martin McKeaveney b6320f14cc Merge branch 'fix/nginx' of github.com:Budibase/budibase into fix/nginx 2022-02-11 15:14:40 +01:00
Martin McKeaveney 082be8ef67 fix port redirection issue 2022-02-11 15:13:31 +01:00
mike12345567 a78dd38a58 Fixing img-src for self host. 2022-02-11 13:23:15 +00:00
Martin McKeaveney 8f668eac85 add csp update for nginx in self host 2022-02-11 13:23:53 +01:00
Martin McKeaveney 4fc9b6d535 adding nginx best practices on buffering and body size, gzip 2022-02-01 14:38:58 +01:00