Nginx now uses template syntax for easier config
This commit is contained in:
parent
69fadcbbed
commit
929d1e2cf4
8 changed files with 114 additions and 47 deletions
35
nginx/templates/http.conf.template
Normal file
35
nginx/templates/http.conf.template
Normal file
|
|
@ -0,0 +1,35 @@
|
|||
http {
|
||||
# SSL CONFIGURATION
|
||||
# Key locations
|
||||
ssl_certificate /etc/letsencrypt/live/${MAIN_DOMAIN}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/${MAIN_DOMAIN}/privkey.pem;
|
||||
|
||||
# Allowed protocols
|
||||
ssl_protocols TLSv1.2;
|
||||
|
||||
# Allowed cyphers
|
||||
# ssl_ciphers EECDH+CHACHA20:EECDH+AES;
|
||||
|
||||
# Cache settings
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
|
||||
# Still gotta figure out what these do
|
||||
ssl_session_tickets off;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1;
|
||||
|
||||
|
||||
# Auto-route all HTTP requests to HTTPS
|
||||
server {
|
||||
listen ${HTTP_PORT};
|
||||
listen [::]:${HTTP_PORT};
|
||||
server_name _;
|
||||
|
||||
return 301 https://$host:${HTTPS_PORT}$request_uri;
|
||||
}
|
||||
|
||||
|
||||
# LOAD SITES
|
||||
include sites-enabled/*.conf;
|
||||
}
|
||||
Reference in a new issue