HomePhabricator

ssl_ciphersuite: standardize STS preload

Authored by BBlack on Jun 6 2016, 2:10 PM.

Description

ssl_ciphersuite: standardize STS preload

Now that wikimedia.org can preload, switch the HSTS argument to a
boolean that always sets our standard 1y/includeSub/preload STS
string. The default/false leaves out HSTS completely, leaving it
up to manual config to set any HSTS, in case of e.g. labs-based
services which are outside the scope of our canonical
domains/policies.

Bug: T132685
Change-Id: I271336e264b01d7a352577dcc5afa0b4ca2be31f

Details

Committed
BBlackJun 6 2016, 6:44 PM
Parents
rOPUP6a6410048dc1: fix grafana(-admin) icinga checks
Branches
Unknown
Tags
Unknown
References
refs/changes/29/292929/7
ChangeId
I271336e264b01d7a352577dcc5afa0b4ca2be31f