From 8164e87052cfa2d4a2929a1d095222614c12b95e Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Fri, 1 Apr 2016 18:13:05 +0200
Subject: Set a HPKP on the webmail, website/wiki/git and list manager.

---
 roles/lists/files/etc/nginx/sites-available/sympa | 1 +
 1 file changed, 1 insertion(+)

(limited to 'roles/lists')

diff --git a/roles/lists/files/etc/nginx/sites-available/sympa b/roles/lists/files/etc/nginx/sites-available/sympa
index 79df229..732f09f 100644
--- a/roles/lists/files/etc/nginx/sites-available/sympa
+++ b/roles/lists/files/etc/nginx/sites-available/sympa
@@ -31,6 +31,7 @@ server {
     include snippets/ssl.conf;
     ssl_certificate     /etc/nginx/ssl/lists.fripost.org.pem;
     ssl_certificate_key /etc/nginx/ssl/lists.fripost.org.key;
+    add_header Public-Key-Pins 'pin-sha256="OLx1hOEqnCdS/7ZgzTzAl8Ig/Cwpz5MY9J9Fishg6/0="; pin-sha256="v/Ow0Ou2m08HO10wxci1IVrMC/pbihnoDNxvUwKBsMY="; max-age=15778800';
 
     location = / {
         return 302 /sympa$args;
-- 
cgit v1.2.3