app1: hsts enabled at backend
app2: hsts not enabled
I am trying to enable hsts for specific domain at nginx-ingress(https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/basic-configuration/)
however, I have one application in that cluster already have hsts enabled while the another not. So, if i add it at the config map it will take effect for both the service which will cause double hsts header for app 1.
I am currently enabling the hsts for all like as below:
kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-config-map
namespace: default
data:
http2: "true"
ssl-redirect: "true"
ssl-protocols: TLSv1.2 TLSv1.3
ssl-prefer-server-ciphers: "true"
ssl-ciphers: #########
set-real-ip-from: 0.0.0.0/0
real-ip-header: X-Forwarded-For
# hsts enabled
server-snippets: 'add_header Strict-Transport-Security "max-age=31536000; includeSubDomains;"' not sure if I am working in the correct track to resolve the hsts, looking forward to hearing from others. :)
updates
i came across where I am able to perform an if else.. just wondering if there is anyway that i can differentiate by my virtual server?