From 4a336a0cbcec74e8a9a8e97dcac88d19ca4a3116 Mon Sep 17 00:00:00 2001 From: Brian McMillen Date: Wed, 23 Jun 2021 00:00:55 +0000 Subject: [PATCH] Update external-storages.rst - include note on issue with extraneous Content-Security-Policy header --- docs/admin/external-storages.rst | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/docs/admin/external-storages.rst b/docs/admin/external-storages.rst index 68e002a8f..d2e3e36dc 100644 --- a/docs/admin/external-storages.rst +++ b/docs/admin/external-storages.rst @@ -63,10 +63,32 @@ by hand (which is outside the scope of this guide). At the moment, we do not support S3 when using Apache as a reverse proxy. +.. note:: + + If you are attempting to integrate your docker deployment with an existing nginx webserver, + such as the one provided by `linuxserver/swag `_ + (formerly `linuxserver/letsencrypt `_), + you may run into an issue where an additional ``Content-Security-Policy`` header appears in responses from the server, + without the newly included S3 URL values. + + In this case, you can suppress the extraneous ``Content-Security-Policy`` header by specifying it in a ``proxy_hide_header`` + `directive `_ in the ``location /`` block. + + .. code-block:: shell + + location / { + proxy_pass http://funkwhale:80; + # ... + # ... include the rest of the preset directives + # ... + proxy_hide_header Content-Security-Policy; + } + + Serving audio files directly from the bucket ******************************************** -Depending on your setup, you may want to serve audio fils directly from the S3 bucket +Depending on your setup, you may want to serve audio files directly from the S3 bucket instead of proxying them through Funkwhale, e.g to reduce the bandwidth consumption on your server, or get better performance.