Valian / docker-nginx-auto-ssl

Docker image for automatic generation of SSL certs using Let's encrypt and Open Resty
https://hub.docker.com/r/valian/docker-nginx-auto-ssl/
MIT License

Enabling STS in docker-compose environment #63

Closed siebo closed 8 months ago

siebo commented 8 months ago

I'm using docker-compose and attempting to enable STS by using a volume-based override in my docker-compose.yml:

  nginx:
    image: valian/docker-nginx-auto-ssl
    restart: on-failure
    ports:
      - 80:80
      - 443:443
    volumes:
      - ssl_data:/etc/resty-auto-ssl
      - ./docker/nginx/ssl.conf:/usr/local/openresty/nginx/conf/ssl.conf
    env_file:
      - ./.env.nginx

My local version of ssl.conf has the following line uncommented, and is otherwise unchanged:

add_header Strict-Transport-Security max-age=15768000;

However, after I run my docker-compose build, this setting does not appear to be applied.

I can docker-compose exec nginx sh and check that file in my container, and it does indeed contain the uncommented line.

However, this header is not set when I check via the Firefox devtools.

Am I missing something here? I'd like to make this change as surgically as possible.

Thanks

siebo commented 8 months ago

Turns out the issue was due to add_header not being available in the openresty mods. However, the headers-more-nginx-module is, so the line in ssl.conf should be changed to

more_set_headers 'Strict-Transport-Security: max-age=15768000';

Valian commented 8 months ago

Hi @siebo! Nice that you resolved your issue :) Some notes:

Hope this image will be useful to you!
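
A repeatable alternative to checking the header by eye in browser devtools, as an added example that is not part of the original thread or the project's code: it parses a Strict-Transport-Security value per RFC 6797 and audits a raw response header block. The function names, the sample responses and the use of 15768000 (the value from the thread) as the minimum max-age are assumptions made for illustration.

```python
import re

def parse_hsts(value):
    """Parse a Strict-Transport-Security value per RFC 6797 section 6.1."""
    seen = {}
    for part in value.split(";"):
        name, _, val = part.strip().partition("=")
        name, val = name.strip().lower(), val.strip()  # names are case-insensitive
        if not name:
            continue
        if len(val) >= 2 and val[0] == val[-1] == '"':
            val = val[1:-1]                            # quoted-string form is allowed
        if name in seen:
            raise ValueError(f"duplicate directive: {name}")
        seen[name] = val
    if not re.fullmatch(r"[0-9]+", seen.get("max-age", "")):
        raise ValueError("max-age missing or not an integer")
    return {"max_age": int(seen["max-age"]),
            "include_subdomains": "includesubdomains" in seen}

def check_response(raw_headers, min_age=15768000):
    """Audit a raw header block such as the output of `curl -sI https://host/`."""
    values = []
    for line in raw_headers.splitlines()[1:]:          # skip the status line
        name, sep, val = line.partition(":")
        if sep and name.strip().lower() == "strict-transport-security":
            values.append(val.strip())
    if not values:
        return "FAIL: header absent"
    try:
        policy = parse_hsts(values[0])                 # RFC 6797 8.1: only the first counts
    except ValueError as exc:
        return f"FAIL: {exc}"
    if policy["max_age"] < min_age:
        return f"WARN: max-age {policy['max_age']} below {min_age}"
    return "OK"

# Constructed sample responses (not captured from a real server).
WITH_HSTS = ("HTTP/1.1 200 OK\r\nServer: openresty\r\n"
             "Strict-Transport-Security: max-age=15768000\r\n\r\n")
WITHOUT_HSTS = "HTTP/1.1 200 OK\r\nServer: openresty\r\n\r\n"

if __name__ == "__main__":
    for label, raw in (("with", WITH_HSTS), ("without", WITHOUT_HSTS)):
        print(label, "->", check_response(raw))
```

Feed it the HTTPS response headers after each config change; a browser only honours the header when it arrives over a secure connection.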