From 333cdc640a4995ad55564474b4ed53561195f84e Mon Sep 17 00:00:00 2001
From: Timo Wilken
Date: Sun, 21 Jan 2024 21:49:52 +0100
Subject: Set Strict-Transport-Security header for Nextcloud

Since Nextcloud is complaining about it.
---
 tw/services/nextcloud.scm | 1 +
 1 file changed, 1 insertion(+)

(limited to 'tw/services')

diff --git a/tw/services/nextcloud.scm b/tw/services/nextcloud.scm
index 92ec9a10..f8bef474 100644
--- a/tw/services/nextcloud.scm
+++ b/tw/services/nextcloud.scm
@@ -193,6 +193,7 @@ opcache.revalidate_freq=120
                              ((hdr . value)
                               `("add_header " ,hdr " \"" ,value "\" always;")))
                            '(("Referrer-Policy" . "no-referrer")
+                             ("Strict-Transport-Security" . "max-age=15552000")
                              ("X-Content-Type-Options" . "nosniff")
                              ("X-Frame-Options" . "SAMEORIGIN")
                              ("X-Permitted-Cross-Domain-Policies" . "none")
-- 
cgit v1.2.3