psono-server/createconfig.py

import sys
import os
from django.template import Engine, Context

def get_config_vars():

    config_vars = {
        'NGINX_STRICT_TRANSPORT_SECURITY': os.environ.get('NGINX_STRICT_TRANSPORT_SECURITY', ''),
        'NGINX_HEADER_REFERRER_POLICY': os.environ.get('NGINX_HEADER_REFERRER_POLICY', 'same-origin'),
        'NGINX_HEADER_X_FRAME_OPTIONS': os.environ.get('NGINX_HEADER_X_FRAME_OPTIONS', 'DENY'),
        'NGINX_HEADER_X_CONTENT_TYPE_OPTIONS': os.environ.get('NGINX_HEADER_X_CONTENT_TYPE_OPTIONS', 'nosniff'),
        'NGINX_HEADER_X_XSS_PROTECTION': os.environ.get('NGINX_HEADER_X_XSS_PROTECTION', '"1; mode=block"'),
        'NGINX_HEADER_CONTENT_SECURITY_POLICY': os.environ.get('NGINX_HEADER_CONTENT_SECURITY_POLICY', '''"default-src 'none'; manifest-src 'self'; connect-src 'self' https://keyserver.ubuntu.com https://storage.googleapis.com https://*.blob.core.windows.net https://*.s3.amazonaws.com https://*.digitaloceanspaces.com https://api.pwnedpasswords.com https://sentry.io; font-src 'self'; img-src 'self' www.google-analytics.com data:; script-src 'self' www.google-analytics.com; style-src 'self' 'unsafe-inline'; object-src 'self'; form-action 'self'"'''),
    }

    return config_vars

def main(src, dst):

    with open(src, 'r') as myfile:
        input = myfile.read()

    template = Engine().from_string(input)
    config_vars = get_config_vars()
    context = Context(config_vars)

    output_from_parsed_template = template.render(context)
    # print(output_from_parsed_template)

    with open(dst, "w") as fh:
        fh.write(output_from_parsed_template)

if __name__ == "__main__":
    src = sys.argv[1]
    dst = sys.argv[2]

    main(src, dst)