Setting custom CSP headers

I have problems setting custom CSP headers in my self-hosted Directus instance. I am using Coolify for deployment. There I can check the contents of the deployable compose file. The section in question is this:
CONTENT_SECURITY_POLICY_MEDIA_SRC: “‘self’ https://*.b-cdn.net blob:”
CONTENT_SECURITY_POLICY_SCRIPT_SRC: “‘self’ ‘unsafe-eval’ ‘unsafe-inline’”
CONTENT_SECURITY_POLICY_STYLE_SRC: “‘self’ ‘unsafe-inline’ blob:”

Yet, the applied CSP headers are this:
content-security-policy: script-src ‘self’ ‘unsafe-eval’;worker-src ‘self’ blob:;child-src ‘self’ blob:;img-src ‘self’ data: blob: https://raw.githubusercontent.com https://avatars.githubusercontent.com;media-src ‘self’;connect-src ‘self’ https://* wss://*;default-src ‘self’;base-uri ‘self’;font-src ‘self’ https: data:;form-action ‘self’;frame-ancestors ‘self’;object-src ‘none’;script-src-attr ‘none’;style-src ‘self’ https: ‘unsafe-inline’

Did anyone run into the same issue? Thanks!

I think there is a problem with naming because for me this works

CONTENT_SECURITY_POLICY_DIRECTIVES__IMG_SRC