devops(caddy): apply full security_headers snippet to GlitchTip vhost

The GlitchTip vhost only had a manual HSTS header; the rest of the (security_headers) snippet (X-Content-Type-Options, Referrer-Policy, Permissions-Policy, -Server removal) was missing. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-15 14:54:54 +02:00
parent 553e2f8898
commit 8cf3a2a726
1 changed files with 1 additions and 1 deletions
--- a/infra/caddy/Caddyfile
+++ b/infra/caddy/Caddyfile
@@ -95,6 +95,6 @@ grafana.archiv.raddatz.cloud {
 }

 glitchtip.archiv.raddatz.cloud {
-	header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+	import security_headers
 	reverse_proxy 127.0.0.1:3002
 }