radityo/ansible-nginx
1
0
Fork 0
mirror of https://github.com/HanXHX/ansible-nginx.git synced 2026-02-24 09:03:29 +07:00
Code Issues Projects Releases Wiki Activity

always directive managed for add_header option

Browse Source
This commit is contained in:
Emilien Mantel
2016-03-15 15:30:22 +01:00
parent 02994af5ee
commit 96e406c791
5 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
templates/etc/nginx/helper/ssl-legacy.j2
View File

@@ -6,7 +6,7 @@ ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout | version_compare('1.7.5', 'ge') %} always{% endif %};
{% if nginx_version.stdout | version_compare('1.3.7', 'ge') %}
ssl_stapling on;
ssl_stapling_verify on;

2
templates/etc/nginx/helper/ssl-strong.j2
View File

@@ -6,7 +6,7 @@ ssl_ciphers "AES256+EECDH:AES256+EDH";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout | version_compare('1.7.5', 'ge') %} always{% endif %};
{% if nginx_version.stdout | version_compare('1.3.7', 'ge') %}
ssl_stapling on;
ssl_stapling_verify on;

2
templates/etc/nginx/sites-available/_base.j2
View File

@@ -62,7 +62,7 @@ server {
# --> Custom headers
{% for key, value in __headers.iteritems() %}
add_header {{ key }} {{ value }};
add_header {{ key }} {{ value | replace(' always', '') }}{% if nginx_version.stdout | version_compare('1.7.5', 'ge') and ' always' in value %} always{% endif %};
{% endfor %}
# <-- Custom headers