Permalink
Browse files

HSTS support (HTTP Strict Trasnport Security)

  • Loading branch information...
jdavid committed Jan 30, 2017
1 parent a305e90 commit ec0c2ff4816df4d35b0db8861dd95bfcbfad0ea6
Showing with 9 additions and 2 deletions.
  1. +5 −2 defaults/main.yml
  2. +4 −0 templates/nginx.conf
View
@@ -20,10 +20,13 @@ django_with_nginx : false
django_with_monit : false
django_with_sudo : false
+django_http : true
+django_https : false
+django_hsts : 0
+certbot_email : ""
+
static_url : "/static/"
media_url : "/media/"
sendfile_url : "/sendfile_internal/"
-certbot_email : ""
-
monit_template : "monit.conf"
View
@@ -51,6 +51,10 @@ server {
ssl_certificate {{ certificate }};
ssl_certificate_key /etc/letsencrypt/live/{{ django_domain }}/privkey.pem;
+ {% if django_hsts %}
+ add_header Strict-Transport-Security "max-age={{ django_hsts }}" always;
+ {% endif %}
+
{{ main() }}
}
{% endif %}

0 comments on commit ec0c2ff

Please sign in to comment.