WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 03:57:02 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
8f7acb0dde5f4242147292f8cedc360145abb9e4
fedora-infra_ansible/roles/httpd/reverseproxy/templates/reversepassproxy.id.conf
Till Maas 8f7acb0dde Increase HSTS max age to one year 
The HSTS preload list requires this now: https://hstspreload.org/
2018-02-07 12:42:36 +01:00

26 lines
746 B
Plaintext
Raw Blame History

RequestHeader unset Expect early
RequestHeader set X-Forwarded-Scheme https early
RequestHeader set X-Forwarded-Proto https early
# Cannot redirect to HTTPS for *.id.fedoraproject.org or set
# "includeSubdomains", because relying parties need to be able to access
# username.id.fedoraproject.org via plain HTTP
Header always add Strict-Transport-Security "max-age=31536000; preload"
RewriteEngine on
RewriteRule ^(.+) - [PT]
<Location /login>
# required for rewrite rule
Options +SymLinksIfOwnerMatch
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</Location>
ProxyPass {{localpath}} {{proxyurl}}{{remotepath}}
ProxyPassReverse {{localpath}} {{proxyurl}}{{remotepath}}
Reference in New Issue View Git Blame Copy Permalink