How to updates CSP policy via environment variables (Docker)

I need to update nextcloud’s CSP default settings to allow form-action submission from sub-domains such as, and so on. Nextcloud is hosted as

Using latest nextcloud from docker hub (nextcloud:fpm).
Also using vouch to provide OAuth2.0 to protected App. Users are authenticated by nextcloud.

Chrome Error message:

Refused to send form data to '' 
because it violates the following Content Security Policy directive:

"form-action 'self'".

Current nextclud form-action is restricted to self. I think that doesnt allow using nextcloud as SSO server unless hosted on the same host.

my vouch is on a sub-host and I think that is my problem.

Adding something like “*” might solve my problem.

I should add, I have a semi-solution for this problem but its not ideal. That is to edit ContentSecurityPolicy.php and add the trusted domain, submitting form-action, to the array $allowedFormActionDomains.
But that means everytime I remove the docker container - I have to re-edit it.