aixlabDocs
GitHub Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. aixlabDocs
  2. /
  3. Implementations
  4. /
  5. @home
  6. /
  7. Website

Website

2 minutes to read Website www

For home one website is in operation, which provides this documentation. The website is only available for internal use with apropriate authentiction. The website is hosted at Cloudflare Pages. The website is active under the hostname www.aixlab.de the following hostnames redirect to this site:

Content Management System

Cloudflare Pages hosts the website for aixlabDocs. It is created with Hugo and version control is established on github and connected via CI/CD to cloudflare pages. The design is provided via the hugo theme geekdoc. For the above named host establish:

aixlab.de/* > https://www.aixlab.de/$1
https://*schellenberg.ac/* > https://www.aixlab.de/$2
https://*schellenberg-web.de/* > https://www.aixlab.de/$2

Authentication

The complete website ist protected by access management. Users are authenticated by the aixlab Azure AD. All members of the group aixlab Developer Documentation gain access to aixlabDocs. Make sure that:

  • the authentication provider Azure ist setup.
  • the group aixlab Developer Documentation should be established in Azure AD and the object id (f048a52d-f17e-4fe8-8d8d-cfa52993caaa) needs to be known for th next step.
  • Add Azure AD authentication to staging and production by following this documentation for
    • staging environment *.aixlab-docs.pages.dev and
    • production environment www.aixlab.de,

TLS Configuration

The in Site configuration described security configurations should be set for the following domains:

  • aixlab.de
  • schellenberg.ac
  • schellenberrg-web.de

Security Headers

Security header can be set in the demanded ranges of Secuirty Rules.

The headers can be activated by adding a file in the hugo folder static with the name _headers. The following headers will be set by the security configuration of cloudflare in each zone. The following header are set globally by cloudflare:

  • Strict-Transport-Security
  • X-Content-Type-Options
/*
 Content-Security-Policy: default-src 'self';
 X-Frame-Options: SAMEORIGIN
 X-XSS-Protection: 1; mode=block
 Access-Control-Allow-Origin : https://www.aixlab.de
 Referrer-Policy: same-origin
 Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
```