tomasz-syn-grzegorza f4775366ef Harden production security: Dockerfile build, nginx whitelist, and CSP.
Replace Dokploy runtime git clone with Dockerfile build to keep tokens out of the container, add nginx security headers and path whitelist, and scrub templates from the running image after HTML generation.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-27 16:58:27 +02:00
S
Description
No description provided
1.5 MiB
Languages
Shell 85.9%
Dockerfile 14.1%