Update pgAdmin configuration to fix CSRF issues and trust proxy headers
This commit is contained in:
Mohmmed Elfateh Sabry
@@ -212,6 +212,13 @@ services:
|
|||||||
PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_DEFAULT_PASSWORD}
|
PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_DEFAULT_PASSWORD}
|
||||||
PGADMIN_CONFIG_SERVER_MODE: 'False'
|
PGADMIN_CONFIG_SERVER_MODE: 'False'
|
||||||
PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED: 'False'
|
PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED: 'False'
|
||||||
|
# Fix CSRF issues behind reverse proxy
|
||||||
|
PGADMIN_CONFIG_WTF_CSRF_CHECK_DEFAULT: 'False'
|
||||||
|
PGADMIN_CONFIG_WTF_CSRF_TIME_LIMIT: 'None'
|
||||||
|
PGADMIN_CONFIG_ENHANCED_COOKIE_PROTECTION: 'False'
|
||||||
|
# Trust proxy headers
|
||||||
|
PGADMIN_CONFIG_PROXY_X_HOST_COUNT: '1'
|
||||||
|
PGADMIN_CONFIG_PROXY_X_PREFIX_COUNT: '1'
|
||||||
volumes:
|
volumes:
|
||||||
- pgadmin_data:/var/lib/pgadmin
|
- pgadmin_data:/var/lib/pgadmin
|
||||||
labels:
|
labels:
|
||||||
@@ -219,5 +226,5 @@ services:
|
|||||||
- traefik.http.routers.pgadmin.rule=Host(`pgadmin.gate.${DOMAIN}`)
|
- traefik.http.routers.pgadmin.rule=Host(`pgadmin.gate.${DOMAIN}`)
|
||||||
- traefik.http.routers.pgadmin.entrypoints=websecure
|
- traefik.http.routers.pgadmin.entrypoints=websecure
|
||||||
- traefik.http.routers.pgadmin.tls.certresolver=le
|
- traefik.http.routers.pgadmin.tls.certresolver=le
|
||||||
- traefik.http.routers.pgadmin.middlewares=basic-auth,security-headers
|
- traefik.http.routers.pgadmin.middlewares=security-headers
|
||||||
- traefik.http.services.pgadmin.loadbalancer.server.port=80
|
- traefik.http.services.pgadmin.loadbalancer.server.port=80
|
||||||
|
|||||||
Reference in New Issue
Block a user