Nginx - enable HTTP Strict Transport Security

Hi All,

I’ve trying to configure my gitlab.rb to enable HTTP Strict Transport Security to includeSubDomain. When i copy and comment out the header below, i get the following error that the syntax is incorrect. On the error message, there’s an arrow pointing to the " sign above ‘max age’. Does anyone know the correct syntax or line I should be using to enable this security header?

[Optional] Enable HTTP Strict Transport Security

## HSTS is a feature improving protection against MITM attacks

## For more information see: https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/

add_header Strict-Transport-Security “max-age=31536000” “includeSubDomains”;

There was an error running gitlab-ctl reconfigure:
/etc/gitlab/gitlab.rb:346: syntax error, unexpected tSTRING_BEG, expecting keyword_do or ‘{’ or ‘(’
…der Strict-Transport-Security “max-age=31536000” "includeSub…