From 8164e87052cfa2d4a2929a1d095222614c12b95e Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Fri, 1 Apr 2016 18:13:05 +0200 Subject: Set a HPKP on the webmail, website/wiki/git and list manager. --- roles/lists/files/etc/nginx/sites-available/sympa | 1 + 1 file changed, 1 insertion(+) (limited to 'roles/lists') diff --git a/roles/lists/files/etc/nginx/sites-available/sympa b/roles/lists/files/etc/nginx/sites-available/sympa index 79df229..732f09f 100644 --- a/roles/lists/files/etc/nginx/sites-available/sympa +++ b/roles/lists/files/etc/nginx/sites-available/sympa @@ -31,6 +31,7 @@ server { include snippets/ssl.conf; ssl_certificate /etc/nginx/ssl/lists.fripost.org.pem; ssl_certificate_key /etc/nginx/ssl/lists.fripost.org.key; + add_header Public-Key-Pins 'pin-sha256="OLx1hOEqnCdS/7ZgzTzAl8Ig/Cwpz5MY9J9Fishg6/0="; pin-sha256="v/Ow0Ou2m08HO10wxci1IVrMC/pbihnoDNxvUwKBsMY="; max-age=15778800'; location = / { return 302 /sympa$args; -- cgit v1.2.3