templates/rails_app/config/server/nginx.conf.tt in railman-0.6.13 vs templates/rails_app/config/server/nginx.conf.tt in railman-0.6.14
- old
+ new
@@ -17,10 +17,12 @@
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://<%= @config.app_name %>;
+
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
}
client_max_body_size 100m;
error_page 500 502 503 504 /500.html;
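Review bot: The added header hard-codes `includeSubDomains; preload` with a one-year `max-age` for every app generated from this template, which commits the whole domain and all its subdomains to HTTPS and is slow to undo once browsers have cached it or the domain is on a preload list. A safer template default would be `add_header Strict-Transport-Security "max-age=31536000" always;`, with `includeSubDomains` and `preload` emitted only when the deployer opts in through a template setting. The same value is repeated in the two additions of the next hunk, so the change applies there as well. The enclosing `location` and `server` blocks start outside this hunk, so I cannot confirm from here that this location is only served from the TLS server block; the header is only meaningful on HTTPS responses.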
@@ -31,17 +33,19 @@
add_header ETag "";
if ($request_filename ~* ^.*?\.(eot)|(ttf)|(woff)|(svg)|(otf)$){
add_header Access-Control-Allow-Origin *;
}
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
break;
}
location ~ ^/(assets)/ {
root /home/deploy/apps/<%= @config.app_name %>/public;
gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
}
# Let's Encrypt certificates
ssl_certificate /etc/letsencrypt/live/<%= @config.domain %>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<%= @config.domain %>/privkey.pem;
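Review bot: Responses that match the font `if` block will most likely go out without the new HSTS header, because nginx only inherits `add_header` from the outer level when the current level defines none, and that `if` sets its own `add_header Access-Control-Allow-Origin *;`. To cover them, repeat the line inside the `if`: `add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;`. The same rule is why the header has to be repeated per location, so a comment next to each copy would help, for example `# add_header is not inherited into a block that sets its own add_header, so HSTS is repeated here`. The first location in this hunk starts outside it, so its matcher is not visible from here.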