luzifer-ansible/nginx-letsencrypt
1
0
Fork 0
mirror of https://github.com/luzifer-ansible/nginx-letsencrypt.git synced 2024-09-16 13:28:24 +00:00
Code Issues Releases Wiki Activity

By default enable ssl_session_cache

Browse Source 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2018-04-29 13:48:06 +02:00
parent 3a5062f367
commit 6d8597143a
Signed by: luzifer
GPG Key ID: DC2729FDD34BE99E
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
templates/nginx.conf.j2
View File

@ -34,6 +34,7 @@ http {
ssl_ciphers {{ nginx_letsencrypt_config.ssl_ciphers | default('ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256') }};
ssl_prefer_server_ciphers {{ nginx_letsencrypt_config.ssl_prefer_server_ciphers | default('on') }};
ssl_buffer_size {{ nginx_letsencrypt_config.ssl_buffer_size | default('8k') }};
ssl_session_cache {{ nginx_letsencrypt_config.ssl_session_cache | default('shared:ssl_session_cache:10m') }};
ssl_stapling {{ nginx_letsencrypt_config.ssl_stapling | default('on') }};
ssl_stapling_verify {{ nginx_letsencrypt_config.ssl_stapling_verify | default('on') }};