tlaternet/tlaternet-server
1
0
Fork 0
Code Issues 9 Pull requests Releases Activity

nginx: Enable HSTS

Browse source
This commit is contained in:
Tristan Daniël Maat 2021-10-12 13:53:08 +01:00
parent d6e1cd3ffa
commit 3bdbe66fe4
Signed by: tlater
GPG key ID: 49670FD774E43268
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
configuration/default.nix
View file

@ -63,7 +63,10 @@
lib.recursiveUpdate { lib.recursiveUpdate {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { proxyPass = "http://127.0.0.1:${toString port}"; }; locations."/".proxyPass = "http://127.0.0.1:${toString port}";
extraConfig = ''
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
'';
} extra; } extra;
domain = config.services.nginx.domain; domain = config.services.nginx.domain;
in { in {