diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml
index 496df1be..a524b92f 100644
--- a/charts/nextcloud/Chart.yaml
+++ b/charts/nextcloud/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: nextcloud
-version: 6.1.0
+version: 6.2.0
 appVersion: 30.0.0
 description: A file sharing server that puts the control and security of your own data back into your hands.
 keywords:
diff --git a/charts/nextcloud/files/nginx.config.tpl b/charts/nextcloud/files/nginx.config.tpl
index 59d68f35..f38f206c 100644
--- a/charts/nextcloud/files/nginx.config.tpl
+++ b/charts/nextcloud/files/nginx.config.tpl
@@ -20,7 +20,9 @@ server {
     # will add the domain to a hardcoded list that is shipped
     # in all major browsers and getting removed from this list
     # could take several months.
-    #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
+    {{- with .Values.nginx.config.header.hsts }}
+    add_header Strict-Transport-Security {{ . | quote }} always;
+    {{- end }}
 
     # set max upload size
     client_max_body_size 10G;
diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml
index 7acc2ff1..04fcaa3f 100644
--- a/charts/nextcloud/values.yaml
+++ b/charts/nextcloud/values.yaml
@@ -331,6 +331,16 @@ nginx:
   config:
     # This generates the default nginx config as per the nextcloud documentation
     default: true
+    header:
+      # -- HSTS settings
+      # WARNING: Only add the preload option once you read about
+      # the consequences in https://hstspreload.org/. This option
+      # will add the domain to a hardcoded list that is shipped
+      # in all major browsers and getting removed from this list
+      # could take several months.
+      # example: hsts: "max-age=15768000; includeSubDomains; preload;"
+      hsts:
+
     custom:
     # custom: |-
     #     worker_processes  1;..