CSP and Robots

This much is common to each CSP:

 default-src 'none';
 frame-ancestors 'none';
 base-uri 'self';
 connect-src 'self';
 form-action 'self';
 report-uri https://ekvastra.report-uri.com/r/d/csp/enforce;

Ekvastra.in

 font-src https://fonts.gstatic.com data:;
 style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
 script-src 'self';
 img-src 'self' data:

 User-agent: *
 Disallow: /textpattern/

ekvastra.in/textpattern/

 style-src 'self' 'unsafe-inline';
 script-src 'self' 'unsafe-inline';
 img-src 'self' data:

notes.ekvastra.in

 style-src 'self' 'unsafe-inline';
 script-src 'self' 'unsafe-inline';
 img-src 'self' data:

 User-agent: *
 Disallow: /Site/
 Disallow: /SiteAdmin/
 Disallow: /PmWiki/
 Disallow: /*?action=

wiki.ekvastra.in

 object-src 'self';
 font-src 'self' https://cdnjs.cloudflare.com data:;
 style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com;
 script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdnjs.cloudflare.com;
 img-src 'self' data:;
 manifest-src 'self'

 User-agent: *
 Allow: /*?do=sitemap
 Disallow: /*?do=
 Sitemap: https://wiki.ekvastra.in/doku.php?do=sitemap

podcast.ekvastra.in

 media-src 'self';
 font-src https://fonts.gstatic.com https://cdnjs.cloudflare.com;
 style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com;
 script-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com;
 img-src 'self' data:

 No robots

kanboard.ekvastra.in

Kanboard application uses meta http-equiv="Content-Security-Policy" to set CSP. HTTP headers take priority over page meta elements.

 font-src 'self';
 style-src 'self' 'unsafe-inline';
 script-src 'self';
 img-src * data:

 User-agent: *
 Disallow: /

cal.ekvastra.in

 style-src 'self' 'unsafe-inline';
 script-src 'self' 'unsafe-inline';
 img-src 'self'

 User-agent: *
 Disallow: /