Dzahn has submitted this change and it was merged.
Change subject: gerrit: Enable StrictTransportSecurity max-age=7days
..
gerrit: Enable StrictTransportSecurity max-age=7days
This enables HTTP Strict Transport Security (HSTS) on
gerrit with max-age=7 days.
Bug: 38516
Change-Id: I379248653df24799f15e53325eec482450ff3d92
---
M manifests/gerrit.pp
1 file changed, 3 insertions(+), 1 deletion(-)
Approvals:
CSteipp: Looks good to me, but someone else must approve
jenkins-bot: Verified
Dzahn: Looks good to me, approved
diff --git a/manifests/gerrit.pp b/manifests/gerrit.pp
index 079bec2..6dabfce 100644
--- a/manifests/gerrit.pp
+++ b/manifests/gerrit.pp
@@ -26,7 +26,7 @@
$dbuser = $db_user
$dbpass = $passwords::gerrit::gerrit_db_pass
$bzpass = $passwords::gerrit::gerrit_bz_pass
-$ssl_settings = ssl_ciphersuite('apache-2.2', 'compat')
+$ssl_settings = ssl_ciphersuite('apache-2.2', 'compat', '7')
# Setup LDAP
include ldap::role::config::labs
@@ -309,6 +309,8 @@
include ::apache::mod::proxy_http
include ::apache::mod::ssl
+
+include ::apache::mod::headers
}
class gerrit::crons {
--
To view, visit https://gerrit.wikimedia.org/r/157789
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I379248653df24799f15e53325eec482450ff3d92
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Chmarkine chmark...@hotmail.com
Gerrit-Reviewer: CSteipp cste...@wikimedia.org
Gerrit-Reviewer: Dzahn dz...@wikimedia.org
Gerrit-Reviewer: Giuseppe Lavagetto glavage...@wikimedia.org
Gerrit-Reviewer: JanZerebecki jan.wikime...@zerebecki.de
Gerrit-Reviewer: jenkins-bot
___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits