bitlair/ansible
6
0
Fork 1
Code Issues Pull requests Activity Actions

Add HSTS headers to all web services

Browse source
This commit is contained in:
polyfloyd 2024-06-11 20:00:40 +02:00
parent 5ae55c6c5b
commit 8a8216d78e
6 changed files with 11 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

5
roles/monitoring/templates/grafana.ini
View file

@ -58,11 +58,6 @@ versions_to_keep = 20
enabled = true
path = /var/lib/grafana/dashboards
# Alerting
[alerting]
enabled = true
execute_alerts = True
# SMTP and email config
# Logging

3
roles/monitoring/templates/nginx-site.conf
View file

@ -10,6 +10,9 @@ server {
ssl_certificate_key "/var/lib/dehydrated/certs/{{ monitoring_domain }}/privkey.pem";
{% endif %}
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-Robots-Tag noindex;
location / {