Reduce maintenance

templates/traefik-middleware-headers.yml.j2

@@ -0,0 +1,31 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: security-headers
+  namespace: {{ traefik_namespace }}
+spec:
+  headers:
+    browserXssFilter: "true"
+    contentTypeNosniff: "true"
+    forceSTSHeader: "true"
+    frameDeny: "true"
+    stsIncludeSubdomains: "true"
+    stsPreload: "true"
+    stsSeconds: "15768000"
+    sslRedirect: "true"
+    contentSecurityPolicy: "default-src 'self' 'unsafe-inline'"
+    customFrameOptionsValue: "SAMEORIGIN"
+    referrerPolicy: "same-origin"
+    featurePolicy: "vibrate 'self'"
+
+    # CORS
+    accessControlAllowMethods:
+      - "GET"
+      - "OPTIONS"
+      - "PUT"
+    accessControlAllowOrigin: "origin-list-or-null"
+    #accessControlAllowOriginList:
+    #  - "https://foo.bar.org"
+    #  - "https://example.org"
+    accessControlMaxAge: 100
+    addVaryHeader: "true"