fix(nginx): typo with HSTS parameter

Not strictly case sensitive but every documentation uses this form.
Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

test/e2e2/spec/test_www.py

@@ -88,7 +88,7 @@ def test_unknown_hosts(api_anon, protocol, hostname):
 def test_security_headers(api_anon):
     api_anon.headers = {}
     expected_headers = {
-        'Strict-Transport-Security': 'max-age=31536000; includeSubdomains; preload',
+        'Strict-Transport-Security': 'max-age=31536000; includeSubDomains; preload',
         'Content-Security-Policy': "default-src 'self'; frame-src 'none'; connect-src 'self'; font-src 'self' data:; "
                                    "img-src 'self' data:; media-src data:; script-src 'self' 'unsafe-eval'; "
                                    "style-src 'self' 'unsafe-inline'; base-uri 'self'; frame-ancestors 'none'; "

www/90-desec.static.dev.location

@@ -1,7 +1,7 @@
 location / {
     expires epoch;
     etag off;
-    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always;
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_set_header Host "0.0.0.0";
 

www/conf/sites-available/85-redirects.conf.var

@@ -29,7 +29,7 @@ server {
 	include global.conf;
 
 	location / {
-		add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always;
+		add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
 		return 301 https://desec.$DESECSTACK_DOMAIN$request_uri;
 	}
 }
@@ -48,7 +48,7 @@ server {
         include global.conf;
 
         location / {
-                add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always;
+                add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
                 return 301 https://desec.$DESECSTACK_DOMAIN$request_uri;
         }
 }

www/conf/sites-available/90-desec.api.location.var

@@ -7,7 +7,7 @@ location /api/ {
 
     expires epoch;
     etag off;
-    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always;
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
     include uwsgi_params;
     uwsgi_pass desecapi;
 

www/conf/sites-available/90-desec.prometheus.location

@@ -4,7 +4,7 @@
 location /prometheus/ {
     expires epoch;
     etag off;
-    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always;
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
 
     auth_basic "Prometheus";
     auth_basic_user_file /etc/nginx/htpasswd;

www/conf/sites-available/90-desec.static.location

@@ -10,7 +10,7 @@ location / {
 
     location /index.html {  # Also includes / via internal redirect, see https://nginx.org/en/docs/http/ngx_http_index_module.html#index
         expires epoch;
-        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always;
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
         add_header Content-Security-Policy "default-src 'self'; frame-src 'none'; connect-src 'self'; font-src 'self' data:; img-src 'self' data:; media-src data:; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; base-uri 'self'; frame-ancestors 'none'; block-all-mixed-content; form-action 'none';" always;
         add_header X-Frame-Options "deny" always;
         add_header X-Content-Type-Options "nosniff" always;