theres no config for it, it listens on port 8080. I need to expose the logs dir, but not done that yet. So all the logs will only be in the container, but you could point a mount at /var/www/html/logs

will be adding it to my setup on Tuesday, so will see how well it works in anger

this just in 👉 https://hub.docker.com/r/mhzawadi/csp-report

I have started on a docker image that will allow you to collect the CSP reports 👉 https://github.com/mhzawadi/docker-csp-report

Its not working just yet, will work it this week

Yeah that’s the gist, there need to be something on the end of /csp-report or it won’t work.

Will have a look and see if I can make something

Sorry I dont, but our devs have some PHP to log requests to a file. On Monday will see if I can get that and make a docker image you can run

your in luck, I have been doing this at work.

First have a look at the report header Content-Security-Policy-Report-Only add things you know about, as that will allow you to log what you need to have setup. Then once you have a list of things you know you need, add them and what the logs again. adding in things as you see and verify them.

Also dont just add things in without checking that its in your code, you dont want to add hack-me.com by mistake.

Thanks for the help, I have stopped fail2ban and things are now in sync

grafana.lem.rocks

Uno reverse, it cost a $1 to not nice

have made some changes and things might be on the up

OVH is not free, but very cheap

Im with you, I dont need my dishwasher to have WiFi and an account

No, the compose file lists the network but the container is still in its own network.

You need to add this to the container

    networks:
      - nginx-proxy-manager_defualt

side note, I would expose traefik on 127.0.0.1 if its on the same host as nginx. as traefik is visible on all network interfaces.

‘traefik.http.routers.nightscout.rule=Host(localhost)’

so traefik will be looking for the host header localhost and only route requests to the service if it matches, sh when you use your real domain that should be what you use as the host header from nginx

Hello

could you update this with your compose file please?

my first guess is that maybe traefik does not know about nightscout or nightscout is still listening on its own ports

7

You need to be visible on the internet, if my instance can’t see you then I can’t send you updates

Don’t add as notes, add as a new hidden option in bitwarden. Use the password maker to generate a string of crap

Setup a test environment, with all the bits you need and point your updated image at it.

For example I build an image that needs redis, so I have a test compose that starts redis and then my image