Allow overriding Strict-Transport-Security

[nazar-pc]

Environment & Version

Environment

• docker compose
• kubernetes
• docker swarm

Version

• Version: 2.0

Description

Currently Mailu adds Strict-Transport-Security:

Mailu/core/nginx/conf/nginx.conf

Line 116 in 32d1c7d

add_header Strict-Transport-Security 'max-age=31536000';

But sometimes it is desirable to override that header to something stricter and even enable HSTS preloading, for which this would be necessary instead:

add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

Adding it on top results in two headers being added by Nginx, which is undesirable.

It'd be great if it wasn't necessary to override the whole Nginx config just for this.

[stale]

Issues not for bugs, enhancement requests or discussion go stale after 21 days of inactivity. This issue will be automatically closed after 14 days.
For all metrics refer to the stale.yml file.
Github issues are not meant for user support. For user-support questions, reach out on the matrix support channel.

Mark the issue as fresh by simply adding a comment to the issue.
If this issue is safe to close, please do so now.

[nazar-pc]

Not stale