Dzahn has submitted this change and it was merged. Change subject: gerrit: Enable StrictTransportSecurity max-age=7days ......................................................................
gerrit: Enable StrictTransportSecurity max-age=7days This enables HTTP Strict Transport Security (HSTS) on gerrit with max-age=7 days. Bug: 38516 Change-Id: I379248653df24799f15e53325eec482450ff3d92 --- M manifests/gerrit.pp 1 file changed, 3 insertions(+), 1 deletion(-) Approvals: CSteipp: Looks good to me, but someone else must approve jenkins-bot: Verified Dzahn: Looks good to me, approved diff --git a/manifests/gerrit.pp b/manifests/gerrit.pp index 079bec2..6dabfce 100644 --- a/manifests/gerrit.pp +++ b/manifests/gerrit.pp @@ -26,7 +26,7 @@ $dbuser = $db_user $dbpass = $passwords::gerrit::gerrit_db_pass $bzpass = $passwords::gerrit::gerrit_bz_pass - $ssl_settings = ssl_ciphersuite('apache-2.2', 'compat') + $ssl_settings = ssl_ciphersuite('apache-2.2', 'compat', '7') # Setup LDAP include ldap::role::config::labs @@ -309,6 +309,8 @@ include ::apache::mod::proxy_http include ::apache::mod::ssl + + include ::apache::mod::headers } class gerrit::crons { -- To view, visit https://gerrit.wikimedia.org/r/157789 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I379248653df24799f15e53325eec482450ff3d92 Gerrit-PatchSet: 2 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Chmarkine <chmark...@hotmail.com> Gerrit-Reviewer: CSteipp <cste...@wikimedia.org> Gerrit-Reviewer: Dzahn <dz...@wikimedia.org> Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org> Gerrit-Reviewer: JanZerebecki <jan.wikime...@zerebecki.de> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits