Minecon724/dream-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update nginx/nginx.conf

Browse source
This commit is contained in:
Minecon724 2025-01-07 16:08:34 +01:00
parent f2b6d40ce2
commit e770c6dc98
1 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
nginx/nginx.conf
View file

@ -31,12 +31,19 @@ http {
keepalive_timeout 65; keepalive_timeout 65;
gzip on; gzip on;
http2 on;
add_header Alt-Svc 'h3=":443"; ma=86400';
# modern configuration # modern configuration
ssl_protocols TLSv1.3; ssl_protocols TLSv1.3;
ssl_ecdh_curve X25519:prime256v1:secp384r1; ssl_ecdh_curve X25519:prime256v1:secp384r1;
ssl_prefer_server_ciphers off; ssl_prefer_server_ciphers off;
# Make sure to generate it first
ssl_dhparam /etc/ssl/dhparam.pem;
# OCSP stapling # OCSP stapling
ssl_stapling on; ssl_stapling on;
ssl_stapling_verify on; ssl_stapling_verify on;
@ -62,7 +69,9 @@ http {
listen 443 quic reuseport default_server; listen 443 quic reuseport default_server;
listen [::]:443 ssl default_server; listen [::]:443 ssl default_server;
return 200; # Make sure to generate
ssl_certificate snakeoil.pem;
ssl_certificate_key snakeoil.key;
} }
include /etc/nginx/conf.d/*.conf; include /etc/nginx/conf.d/*.conf;