summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--puppet/modules/site_apache/templates/vhosts.d/api.conf.erb3
-rw-r--r--puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb3
2 files changed, 6 insertions, 0 deletions
diff --git a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
index 6a276e22..bc5ff156 100644
--- a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
+++ b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
@@ -22,6 +22,9 @@ Listen 0.0.0.0:<%= api_port %>
RequestHeader set X_FORWARDED_PROTO 'https'
<IfModule mod_headers.c>
+<% if @webapp['secure'] -%>
+ Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+<% end -%>
Header always unset X-Powered-By
Header always unset X-Runtime
</IfModule>
diff --git a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb
index 9108caff..5e3960c2 100644
--- a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb
+++ b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb
@@ -22,6 +22,9 @@
RequestHeader set X_FORWARDED_PROTO 'https'
<IfModule mod_headers.c>
+<% if @webapp['secure'] -%>
+ Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+<% end -%>
Header always unset X-Powered-By
Header always unset X-Runtime
</IfModule>
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 08:46:00 +0000