From 5e1fc0ebc2761b4def7ab3dd2ad3e3386d4a0ce4 Mon Sep 17 00:00:00 2001
From: Artiume <siderite@gmail.com>
Date: Fri, 7 Jun 2019 20:24:19 -0400
Subject: [PATCH] Update firefox.yml

Adds HSTS Compliance
---
 apps/firefox.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/apps/firefox.yml b/apps/firefox.yml
index 87c4bab..c1bd84c 100644
--- a/apps/firefox.yml
+++ b/apps/firefox.yml
@@ -49,6 +49,16 @@
           traefik.enable: 'true'
           traefik.port: '{{intport}}'
           traefik.frontend.rule: 'Host:{{pgrole}}.{{domain.stdout}},{{tldset}}'
+          traefik.frontend.headers.SSLHost: '{{domain.stdout}}'
+          traefik.frontend.headers.SSLRedirect: 'true'
+          traefik.frontend.headers.STSIncludeSubdomains: 'true'
+          traefik.frontend.headers.STSPreload: 'true'
+          traefik.frontend.headers.STSSeconds: '315360000'
+          traefik.frontend.headers.browserXSSFilter: 'true'
+          traefik.frontend.headers.contentTypeNosniff: 'true'
+          traefik.frontend.headers.customResponseHeaders: 'X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex'
+          traefik.frontend.headers.forceSTSHeader: 'true'
+          #traefik.frontend.headers.frameDeny: 'true'
 
     - name: 'Setting PG Volumes'
       set_fact: