From e5eacba0e7403dab84cf5e73a0e62aa9e353800c Mon Sep 17 00:00:00 2001 From: Menno van Leeuwen Date: Fri, 14 Mar 2025 12:10:48 +0100 Subject: [PATCH] feat: add Strict-Transport-Security header in Caddyfile and update MariaDB version in Nextcloud docker-compose --- config/ansible/tasks/servers/services/caddy/Caddyfile.j2 | 3 +++ .../tasks/servers/services/nextcloud/docker-compose.yml.j2 | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/config/ansible/tasks/servers/services/caddy/Caddyfile.j2 b/config/ansible/tasks/servers/services/caddy/Caddyfile.j2 index bb5b14e..e211e9d 100644 --- a/config/ansible/tasks/servers/services/caddy/Caddyfile.j2 +++ b/config/ansible/tasks/servers/services/caddy/Caddyfile.j2 @@ -23,6 +23,9 @@ cloud.vleeuwen.me cloud.mvl.sh { redir /.well-known/caldav /remote.php/dav/ 301 reverse_proxy nextcloud:80 + header { + Strict-Transport-Security "max-age=15552000; includeSubDomains" + } tls {{ caddy_email }} } diff --git a/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 index 2a05dce..392a0b3 100644 --- a/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 +++ b/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 @@ -1,6 +1,6 @@ services: db: - image: mariadb:10.5 + image: mariadb:11.4 command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW restart: unless-stopped volumes: