From 32e00602f0cdda6f2b72cc460ddfa434fa42b30f Mon Sep 17 00:00:00 2001
From: Leyla Becker <git@jan-leila.com>
Date: Tue, 11 Mar 2025 18:48:44 -0500
Subject: [PATCH] removed some extra config from jellyfin nginx config to fix
 webos

---
 modules/nixos-modules/server/jellyfin.nix | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/modules/nixos-modules/server/jellyfin.nix b/modules/nixos-modules/server/jellyfin.nix
index ba58fe9..e3eb986 100644
--- a/modules/nixos-modules/server/jellyfin.nix
+++ b/modules/nixos-modules/server/jellyfin.nix
@@ -38,8 +38,6 @@ in {
                 extraConfig = ''
                   client_max_body_size 20M;
                   add_header X-Content-Type-Options "nosniff";
-                  add_header Content-Security-Policy "default-src https: data: blob: ; img-src 'self' https://* ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://www.gstatic.com https://www.youtube.com blob:; worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'; font-src 'self'";
-                  add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), battery=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()" always;
 
                   proxy_set_header Host $host;
                   proxy_set_header X-Real-IP $remote_addr;
@@ -59,8 +57,6 @@ in {
                 extraConfig = ''
                   client_max_body_size 20M;
                   add_header X-Content-Type-Options "nosniff";
-                  add_header Content-Security-Policy "default-src https: data: blob: ; img-src 'self' https://* ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://www.gstatic.com https://www.youtube.com blob:; worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'; font-src 'self'";
-                  add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), battery=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()" always;
 
                   proxy_set_header Host $host;
                   proxy_set_header X-Real-IP $remote_addr;