Content Security Policy Header

In order to make the web vault publicly accessible, I use nginx as reverse proxy.
However, I noticed that - with enabled CSP headers - some of the functionallity gets lost, i.e. some buttons won’t work at all.

It took me a while to find what was going on, but finally the network tab in the developer settings of my browser showed me something like

Refused to execute inline script because it violates the following Content Security Policy directive

Is there a nice way to enable CSP headers in my proxy config and still be able to use all features?

Until now, I manually added each script’s hash as an exception to the CSP header, however, this is highly susceptible to changes to the script in question in future releases.

I’m running into this issue too.

Would be great if you could share what you added in the script-src policy to help others!