36 lines
862 B
Plaintext
36 lines
862 B
Plaintext
http {
|
|
# SSL CONFIGURATION
|
|
# Key locations
|
|
ssl_certificate /etc/letsencrypt/live/your.domain.here/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/your.domain.here/privkey.pem;
|
|
|
|
# Allowed protocols
|
|
ssl_protocols TLSv1.2;
|
|
|
|
# Allowed cyphers
|
|
# ssl_ciphers EECDH+CHACHA20:EECDH+AES;
|
|
|
|
# Cache settings
|
|
ssl_session_cache shared:SSL:10m;
|
|
ssl_session_timeout 10m;
|
|
|
|
# Still gotta figure out what these do
|
|
# ssl_session_tickets off;
|
|
# ssl_prefer_server_ciphers on;
|
|
# ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1;
|
|
|
|
|
|
# Auto-route all HTTP requests to HTTPS
|
|
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
server_name _;
|
|
|
|
return 301 https://$host:443$request_uri;
|
|
}
|
|
|
|
|
|
# LOAD SITES
|
|
include sites_enabled/*.conf;
|
|
}
|