thib8956/nginx-proxy
1
0
Fork 0
mirror of https://github.com/thib8956/nginx-proxy synced 2025-07-03 07:15:46 +00:00
Code Issues Releases Wiki Activity

Added custom HSTS support (issue #953)

Browse Source
This commit is contained in:
Steve Kamerman
2017-11-08 22:30:24 -05:00
parent 1374ee5b9e
commit a312472fb5
4 changed files with 63 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
nginx.tmpl
View File

@ -158,6 +158,9 @@ upstream {{ $upstream_name }} {
{{/* Get the HTTPS_METHOD defined by containers w/ the same vhost, falling back to "redirect" */}}
{{ $https_method := or (first (groupByKeys $containers "Env.HTTPS_METHOD")) "redirect" }}
{{/* Get the HSTS defined by containers w/ the same vhost, falling back to "max-age=31536000" */}}
{{ $hsts := or (first (groupByKeys $containers "Env.HSTS")) "max-age=31536000" }}
{{/* Get the VIRTUAL_ROOT By containers w/ use fastcgi root */}}
{{ $vhost_root := or (first (groupByKeys $containers "Env.VIRTUAL_ROOT")) "/var/www/public" }}
@ -225,8 +228,8 @@ server {
ssl_trusted_certificate {{ printf "/etc/nginx/certs/%s.chain.crt" $cert }};
{{ end }}
{{ if (ne $https_method "noredirect") }}
add_header Strict-Transport-Security "max-age=31536000";
{{ if (and (ne $https_method "noredirect") (ne $hsts "off")) }}
add_header Strict-Transport-Security "{{ trim $hsts }}";
{{ end }}
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}