diff --git a/nixos/programs/nginx.nix b/nixos/programs/nginx.nix
index bc5253b..3342278 100644
--- a/nixos/programs/nginx.nix
+++ b/nixos/programs/nginx.nix
@@ -7,6 +7,15 @@
     recommendedGzipSettings = true;
     recommendedProxySettings = true;
 
+    commonHttpConfig = ''
+      # Add HSTS header with preloading to HTTPS requests.
+      # Adding this header to HTTP requests is discouraged
+      map $scheme $hsts_header {
+          https   "max-age=31536000; includeSubdomains; preload";
+      }
+      add_header Strict-Transport-Security $hsts_header;
+    '';
+
     virtualHosts = {
       "nc.comfycamp.space" = {
         useACMEHost = "comfycamp.space";