We would like to allow inline scripts without resorting to 'unsafe-inline' in our CSP, so we want to use nonces for our inline scripts. Setting a nonce in the CSP header alone has no effect: the script tags in the generated page do not automatically receive the matching nonce attribute, so the policy still blocks them. Moreover, according to the CSP specification the nonce must be generated freshly and randomly for every response, so a static nonce configured in the CSP header through the site settings is not a viable solution.
An important security aspect of nonces is that a new nonce must be generated every time a page is served, and it must not be predictable in any way: an attacker who can guess the nonce can still run inline code. The generated nonce has to be placed in the CSP header dynamically, and the same value inserted dynamically into the page source on every inline code block.
A proper solution therefore generates a nonce per request and adds that nonce both to the inline script sections of the page and to the CSP header.
Technically, this could be avoided by not allowing inline scripts at all and moving the code into external JS web files. However, where that is not feasible and inline scripting must be used, a nonce feature is the best solution.