Use Nginx reverse proxy to add Content-Security-Policy header and disable phoning home or external analytics inside web-browser.
Set Content-Security-Policy
for Netdata to stop calling home.
user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; server { listen 80 default_server; server_name _; proxy_hide_header Content-Security-Policy; add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';" always; location / { proxy_pass http://127.0.0.1:19999/; } } }
Set Content-Security-Policy
for RestyaBoard to stop external calls.
user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; server { listen 80 default_server; server_name _; proxy_hide_header Content-Security-Policy; add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com/;font-src 'self' http://fonts.gstatic.com/;" always; location / { proxy_pass http://127.0.0.1:19999/; } } }
This is really useful as you can easily stop external calls inside a web-browser.