Merge patch to enable HSTS on id.fp.o. #4991

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>

roles/httpd/reverseproxy/templates/reversepassproxy.id.conf

@@ -2,6 +2,12 @@ RequestHeader unset Expect early
 RequestHeader set X-Forwarded-Scheme https early
 RequestHeader set X-Forwarded-Proto https early
 
+# Cannot redirect to HTTPS for *.id.fedoraproject.org or set 
+# "includeSubdomains", because relying parties need to be able to access 
+# username.id.fedoraproject.org via plain HTTP 
+Header always add Strict-Transport-Security "max-age=15768000; preload" 
+
+
 RewriteEngine on
 
 RewriteMap lowercase int:tolower