# HG changeset patch
# User IBBoard
# Date 1577622314 0
# Node ID 5a903aa91469d2045ba664f4a3cbaab90aae47a8
# Parent 5abf769533602d5b31152bada93a5c3675ecd61b
Change header types and add module to fix NextCloud header checks We had SetEnvIf but not a standard Env "Header always set" and "Header set" are not the same and result in concatenated values
diff -r 5abf76953360 -r 5a903aa91469 modules/website/manifests/init.pp
--- a/modules/website/manifests/init.pp Wed Dec 25 12:04:26 2019 +0000
+++ b/modules/website/manifests/init.pp Sun Dec 29 12:25:14 2019 +0000
@@ -48,7 +48,10 @@
 }
 apache::mod {
 'rewrite':;
- 'expires':; 'setenvif':; 'headers':;
+ 'expires':;
+ 'env':;
+ 'setenvif':;
+ 'headers':;
 'version':;
 }
diff -r 5abf76953360 -r 5a903aa91469 modules/website/templates/https_core_conf.erb
--- a/modules/website/templates/https_core_conf.erb Wed Dec 25 12:04:26 2019 +0000
+++ b/modules/website/templates/https_core_conf.erb Sun Dec 29 12:25:14 2019 +0000
@@ -1,9 +1,9 @@
 Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains"
 Header always set Content-Security-Policy "upgrade-insecure-requests; <%= @csp_string %>"
 Header always set Content-Security-Policy-Report-Only "<%= @csp_report_string %>"
-Header set X-Xss-Protection "1; mode=block"
-Header set X-Content-Type-Options "nosniff"
-Header set X-Frame-Options "SAMEORIGIN"
+Header always set X-Xss-Protection "1; mode=block"
+Header always set X-Content-Type-Options "nosniff"
+Header always set X-Frame-Options "SAMEORIGIN"
 RewriteCond %{HTTP_HOST} !=<%= @primary_name %>
 RewriteRule ^(.*)$ https://<%= @primary_name %>$1 [R=301,L]
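Review bot: The new `'env':;` entry in the `apache::mod` list of modules/website/manifests/init.pp carries no hint of why the module is loaded, and nothing visible in this hunk uses it; the reason is recorded only in the commit message (the NextCloud header checks needed the standard env module, and setenvif was not enough). A comment on the entry would stop a later clean-up from dropping it and silently losing the header checks again, for example `# env: required for the NextCloud header checks; setenvif alone is not sufficient`. The enclosing class starts and ends outside the hunk, so whether other resources there already document module choices cannot be seen from here.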
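Review bot: In modules/website/templates/https_core_conf.erb the three switched lines (`X-Xss-Protection`, `X-Content-Type-Options`, `X-Frame-Options`) now replace only what is held in Apache's `always` header table, so a copy of the same header that an application or its .htaccess places in the default (onsuccess) table would still be sent alongside this one. If the intent is exactly one value per header, remove the other copy explicitly before setting it, e.g. `Header onsuccess unset X-Frame-Options` ahead of `Header always set X-Frame-Options "SAMEORIGIN"`, and the same for the other two headers. Which table a backend's headers land in depends on the handler, and no backend is visible in this hunk, so confirm on the served responses (for instance with `curl -I`) for both a normal page and an error page. A short comment above the block saying why `always` is used here would also keep the next edit from reintroducing a plain `Header set`.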