From 7854febb24ca49df1280f88338ee8a3401197002 Mon Sep 17 00:00:00 2001
From: gw3000 <weissenbaeck@posteo.de>
Date: Wed, 26 Jul 2023 23:31:17 +0200
Subject: [PATCH] again hsts

---
 docker-compose.prod.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index 762e481..19f0f97 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -28,6 +28,7 @@ services:
       - "traefik.http.routers.django.rule=Host(`${ALLOWED_HOSTS}`)"
       - "traefik.http.routers.django.tls=true"
       - "traefik.http.routers.django.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.django.middlewares=djangoHeader"
   db:
     image: postgres:15-alpine
     volumes:
@@ -56,6 +57,11 @@ services:
       - "traefik.http.routers.dashboard.service=api@internal"
       - "traefik.http.routers.dashboard.middlewares=auth"
       - "traefik.http.middlewares.auth.basicauth.users=testuser:$$apr1$$jIKW.bdS$$eKXe4Lxjgy/rH65wP1iQe1"
+      #hsts
+      - "traefik.http.middlewares.djangoHeader.headers.stsSeconds=15552000"
+      - "traefik.http.middlewares.djangoHeader.headers.stsIncludeSubdomains=true"
+      - "traefik.http.middlewares.djangoHeader.headers.stsPreload=true"
+      - "traefik.http.middlewares.djangoHeader.headers.forceSTSHeader=true"
 
 volumes:
   postgres_data_prod: