Chmarkine has uploaded a new change for review.
https://gerrit.wikimedia.org/r/157789
Change subject: gerrit: Enable StrictTransportSecurity max-age=7days
......................................................................
gerrit: Enable StrictTransportSecurity max-age=7days
This enables HTTP Strict Transport Security (HSTS) on
gerrit with max-age=7 days.
Bug: 38516
Change-Id: I379248653df24799f15e53325eec482450ff3d92
---
M manifests/gerrit.pp
1 file changed, 3 insertions(+), 1 deletion(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/89/157789/1
diff --git a/manifests/gerrit.pp b/manifests/gerrit.pp
index 079bec2..6dabfce 100644
--- a/manifests/gerrit.pp
+++ b/manifests/gerrit.pp
@@ -26,7 +26,7 @@
$dbuser = $db_user
$dbpass = $passwords::gerrit::gerrit_db_pass
$bzpass = $passwords::gerrit::gerrit_bz_pass
- $ssl_settings = ssl_ciphersuite('apache-2.2', 'compat')
+ $ssl_settings = ssl_ciphersuite('apache-2.2', 'compat', '7')
# Setup LDAP
include ldap::role::config::labs
@@ -309,6 +309,8 @@
include ::apache::mod::proxy_http
include ::apache::mod::ssl
+
+ include ::apache::mod::headers
}
class gerrit::crons {
--
To view, visit https://gerrit.wikimedia.org/r/157789
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I379248653df24799f15e53325eec482450ff3d92
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Chmarkine <chmark...@hotmail.com>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
