Commit 5759b8e1 authored by BAIRE Anthony's avatar BAIRE Anthony
Browse files

disable HSTS in the development setup

(to remove uninteresting warnings raised by firefox)
parent dc4923e5
Pipeline #129518 failed with stages
in 1 second
......@@ -145,6 +145,11 @@ services:
volumes:
- "/data/dev/nginx:/vol"
networks: [dev]
environment:
# we disable HSTS in the dev environment because firefox spits many
# warnings in the console when HSTS is used together with a self-signed
# certificate.
NGINX_DISABLE_HSTS: 1
# TOOLBOX
......
......@@ -21,8 +21,10 @@ security_config = lambda fqdn: """
ssl_certificate_key /vol/ro/ssl/{fqdn}.key;
include /etc/nginx/ssl.conf;
{hsts}
""".format(fqdn=fqdn)
""".format(fqdn=fqdn, hsts="more_clear_headers Strict-Transport-Security;"
if os.environ.get("NGINX_DISABLE_HSTS") else "")
# default server (returns 404)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment