mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(ops/modules/www): drop hsts for .dev

Browse source 
The .dev TLS is on the HSTS preload list, so there's no need to set this
header here at all.

Change-Id: I253fa2427e75bd0808945cd5d53159cac74e7f8b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11018
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
This commit is contained in:
Florian Klink 2024-02-24 01:41:31 +07:00 committed by clbot
parent f3faeae52a
commit 515d933808
1 changed files with 0 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
ops/modules/www/tvix.dev.nix
View file

@ -11,20 +11,12 @@
enableACME = true;
forceSSL = true;
root = depot.tvix.website;
extraConfig = ''
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
'';
};
services.nginx.virtualHosts."bolt.tvix.dev" = {
root = depot.web.tvixbolt;
enableACME = true;
forceSSL = true;
extraConfig = ''
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
'';
};
# old domain, serve redirect
@ -40,8 +32,6 @@
forceSSL = true;
extraConfig = ''
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
location = / {
# until we have a better default page here
return 301 https://docs.tvix.dev/rust/tvix_eval/index.html;