always directive managed for add_header option
parent
02994af5ee
commit
96e406c791
|
@ -15,7 +15,7 @@ Common
|
||||||
- `delete`: (O) Delete the vhost (default is false)
|
- `delete`: (O) Delete the vhost (default is false)
|
||||||
- `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
|
- `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
|
||||||
- `redirect_to`: (O) Redirect all requests to this domain. Please set scheme (http:// or https:// or $sheme).
|
- `redirect_to`: (O) Redirect all requests to this domain. Please set scheme (http:// or https:// or $sheme).
|
||||||
- `headers`: (O) Set additionals header as key/value list.
|
- `headers`: (O) Set additionals header as key/value list. You can append "always" to the value. Show [nginx doc](http://nginx.org/en/docs/http/ngx_http_headers_module.html).
|
||||||
- `redirect_to_code`: Redirect code (default: 302)
|
- `redirect_to_code`: Redirect code (default: 302)
|
||||||
- `redirect_https`: (O) Boolean. Redirect HTTP to HTTPS. If "true", you _MUST_ set `proto` to ```['https']```.
|
- `redirect_https`: (O) Boolean. Redirect HTTP to HTTPS. If "true", you _MUST_ set `proto` to ```['https']```.
|
||||||
- `location`: (O) Add new custom locations (it does not overwrite!)
|
- `location`: (O) Add new custom locations (it does not overwrite!)
|
||||||
|
|
|
@ -6,7 +6,7 @@ ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES
|
||||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
ssl_session_cache shared:SSL:10m;
|
ssl_session_cache shared:SSL:10m;
|
||||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout | version_compare('1.7.5', 'ge') %} always{% endif %};
|
||||||
{% if nginx_version.stdout | version_compare('1.3.7', 'ge') %}
|
{% if nginx_version.stdout | version_compare('1.3.7', 'ge') %}
|
||||||
ssl_stapling on;
|
ssl_stapling on;
|
||||||
ssl_stapling_verify on;
|
ssl_stapling_verify on;
|
||||||
|
|
|
@ -6,7 +6,7 @@ ssl_ciphers "AES256+EECDH:AES256+EDH";
|
||||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
ssl_session_cache shared:SSL:10m;
|
ssl_session_cache shared:SSL:10m;
|
||||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout | version_compare('1.7.5', 'ge') %} always{% endif %};
|
||||||
{% if nginx_version.stdout | version_compare('1.3.7', 'ge') %}
|
{% if nginx_version.stdout | version_compare('1.3.7', 'ge') %}
|
||||||
ssl_stapling on;
|
ssl_stapling on;
|
||||||
ssl_stapling_verify on;
|
ssl_stapling_verify on;
|
||||||
|
|
|
@ -62,7 +62,7 @@ server {
|
||||||
|
|
||||||
# --> Custom headers
|
# --> Custom headers
|
||||||
{% for key, value in __headers.iteritems() %}
|
{% for key, value in __headers.iteritems() %}
|
||||||
add_header {{ key }} {{ value }};
|
add_header {{ key }} {{ value | replace(' always', '') }}{% if nginx_version.stdout | version_compare('1.7.5', 'ge') and ' always' in value %} always{% endif %};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
# <-- Custom headers
|
# <-- Custom headers
|
||||||
|
|
||||||
|
|
|
@ -108,7 +108,7 @@
|
||||||
filename : 'first-test'
|
filename : 'first-test'
|
||||||
override_try_files: '$uri $uri index.htm index.html'
|
override_try_files: '$uri $uri index.htm index.html'
|
||||||
headers:
|
headers:
|
||||||
'X-Frame-Options': 'deny'
|
'X-Frame-Options': 'deny always'
|
||||||
'X-ansible-default': '1'
|
'X-ansible-default': '1'
|
||||||
manage_local_content: false
|
manage_local_content: false
|
||||||
use_error_log: false
|
use_error_log: false
|
||||||
|
|
Loading…
Reference in New Issue