From 7a72be04f98e2e74841bcf3156c74507241ba011 Mon Sep 17 00:00:00 2001 From: Paul-Henri Froidmont Date: Sun, 25 Nov 2018 18:05:35 +0100 Subject: [PATCH] Update Nextcloud to 14.0.3 and add security http headers --- roles/nextcloud-docker/files/nextcloud/app/Dockerfile | 2 +- roles/nextcloud-docker/files/nextcloud/docker-compose.yml | 2 ++ roles/nextcloud-docker/tasks/main.yml | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/nextcloud-docker/files/nextcloud/app/Dockerfile b/roles/nextcloud-docker/files/nextcloud/app/Dockerfile index 72347af..462f92b 100644 --- a/roles/nextcloud-docker/files/nextcloud/app/Dockerfile +++ b/roles/nextcloud-docker/files/nextcloud/app/Dockerfile @@ -1,4 +1,4 @@ -FROM nextcloud:14.0.1-fpm +FROM nextcloud:14.0.3-fpm RUN apt-get update && apt-get install -y \ supervisor \ diff --git a/roles/nextcloud-docker/files/nextcloud/docker-compose.yml b/roles/nextcloud-docker/files/nextcloud/docker-compose.yml index aeb49dc..06dcac5 100644 --- a/roles/nextcloud-docker/files/nextcloud/docker-compose.yml +++ b/roles/nextcloud-docker/files/nextcloud/docker-compose.yml @@ -15,6 +15,8 @@ services: - "traefik.backend=nextcloud" - "traefik.docker.network=web" - "traefik.frontend.rule=Host:cloud.banditlair.com" + - "traefik.frontend.headers.customResponseHeaders=Strict-Transport-Security:max-age=15552000; includeSubDomains" + - "traefik.frontend.headers.referrerPolicy=no-referrer" - "traefik.enable=true" - "traefik.port=80" - "traefik.default.protocol=http" diff --git a/roles/nextcloud-docker/tasks/main.yml b/roles/nextcloud-docker/tasks/main.yml index da32648..eef3782 100644 --- a/roles/nextcloud-docker/tasks/main.yml +++ b/roles/nextcloud-docker/tasks/main.yml @@ -25,6 +25,7 @@ docker_service: project_src: "{{docker_compose_files_folder}}/nextcloud" build: yes + pull: yes state: present - name: Check if database tables exist command: docker-compose exec -T db mysql -u nextcloud -p{{nextcloud_mysql_password}} nextcloud -e "show tables;"