infra

AFPy/infra

History

Julien Palard b2af1120f9 Update SSL config. While proofreading the config, and checking if it was up to date according to: - Mozilla recommandations - SSLtest - testssl.sh I spotted an issue in the HSTS header: $ curl -I https://afpy.org [...] Strict-Transport-Security: max-age=63072000; always the `always` part is an nginx config token, not a cookie value. So I simplified the conf so we can more easily copy/paste from Mozilla generator, which obviously removed the bug.	2023-01-13 17:16:49 +01:00
..
letsencrypt.conf.j2	Update SSL config.	2023-01-13 17:16:49 +01:00

While proofreading the config, and checking if it was up to date
according to:

- Mozilla recommandations
- SSLtest
- testssl.sh

I spotted an issue in the HSTS header:

$ curl -I https://afpy.org
[...]
Strict-Transport-Security: max-age=63072000; always

the `always` part is an nginx config token, not a cookie value.

So I simplified the conf so we can more easily copy/paste from Mozilla
generator, which obviously removed the bug.

2023-01-13 17:16:49 +01:00

letsencrypt.conf.j2

Update SSL config.

2023-01-13 17:16:49 +01:00