Method to enable HSTS?

[bmcnally-uw]

Is there a method to enable HSTS for the RabbitMQ management service?

https://www.rabbitmq.com/management.html#hsts

I've tried variations of this without success:

rabbitmq::config_management_variables:
  'hsts_policy': 'max-age=31536000; includeSubDomains'

[wyardley]

Hi -- maybe it's a quoting thing? What's the specific error you're getting, and are you able to see what commands puppet is trying to run when you specify the above?

FWIW, I added the following unit test and it passed - is this what you'd expect to see in the config file?

diff --git a/spec/classes/rabbitmq_spec.rb b/spec/classes/rabbitmq_spec.rb
index 32e4e4a..4735d0b 100644
--- a/spec/classes/rabbitmq_spec.rb
+++ b/spec/classes/rabbitmq_spec.rb
@@ -1611,6 +1611,19 @@ describe 'rabbitmq' do
         end
       end
 
+      describe 'config_management_variables for hsts_policy' do
+        let(:params) do
+          { config_management_variables: {
+            'hsts_policy' => 'max-age=31536000; includeSubDomains'
+          } }
+        end
+
+        it 'sets config variables' do
+          is_expected.to contain_file('rabbitmq.config'). \
+            with_content(%r{\{hsts_policy, max-age=31536000; includeSubDomains\}})
+        end
+      end
+
       describe 'tcp_keepalive enabled' do
         let(:params) { { tcp_keepalive: true } }

This is the actual content of the config file it would generate (for that management section):

  {rabbitmq_management, [
    {hsts_policy, max-age=31536000; includeSubDomains}
,    {listener, [
      {port, 15672}
    ]} 
  ]}   
].