From fc003b3cbb5dc342e5d66d13061be722883132f5 Mon Sep 17 00:00:00 2001 From: Chewing_Bever Date: Mon, 4 Jan 2021 14:27:32 +0100 Subject: [PATCH] Split config file --- nginx/config/http | 25 +++++++++++++++++++++++++ nginx/config/nginx.conf | 8 ++++++++ nginx/docker-compose.yml | 19 +++++++++++++++++++ 3 files changed, 52 insertions(+) create mode 100644 nginx/config/http create mode 100644 nginx/config/nginx.conf create mode 100644 nginx/docker-compose.yml diff --git a/nginx/config/http b/nginx/config/http new file mode 100644 index 0000000..0710a30 --- /dev/null +++ b/nginx/config/http @@ -0,0 +1,25 @@ +http { + # SSL CONFIGURATION + # Key locations + ssl_certificate /etc/letsencrypt/live/karaoke.roosens.me/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/karaoke.roosens.me/privkey.pem; + + # Allowed protocols + ssl_protocols TLSv1.2; + + # Allowed cyphers + # ssl_ciphers EECDH+CHACHA20:EECDH+AES; + + # Cache settings + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + + # Still gotta figure out what these do + # ssl_session_tickets off; + # ssl_prefer_server_ciphers on; + # ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1; + + + # LOAD SITES + include conf.d/sites_enabled/*.conf; +} diff --git a/nginx/config/nginx.conf b/nginx/config/nginx.conf new file mode 100644 index 0000000..b745839 --- /dev/null +++ b/nginx/config/nginx.conf @@ -0,0 +1,8 @@ +# Run as nginx user +user nginx nginx; + +# Auto-detect the core count for worker processes +worker_processes auto; + +# Load config segments +include conf.d/http; diff --git a/nginx/docker-compose.yml b/nginx/docker-compose.yml new file mode 100644 index 0000000..4e00eab --- /dev/null +++ b/nginx/docker-compose.yml @@ -0,0 +1,19 @@ +version: '3.5' +services: + nginx: + build: './nginx' + image: 'nginx-certbot:stable-alpine' + ports: + - '80:80' + - '443:443' + networks: + - 'nginx' + volumes: + - 'certs:/etc/letsencrypt' + - './config:/etc/nginx/conf.d' + +networks: + nginx: + +volumes: + certs: