diff options
Diffstat (limited to 'files/usr/local/etc/nginx/nginx.conf-acme')
| -rw-r--r-- | files/usr/local/etc/nginx/nginx.conf-acme | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/files/usr/local/etc/nginx/nginx.conf-acme b/files/usr/local/etc/nginx/nginx.conf-acme new file mode 100644 index 0000000..d77c0de --- /dev/null +++ b/files/usr/local/etc/nginx/nginx.conf-acme @@ -0,0 +1,55 @@ +worker_processes ${nginx_worker_processes}; +worker_rlimit_nofile ${nginx_nofile}; + +events { + worker_connections ${nginx_worker_connections}; +} + +http { + include mime.types; + default_type application/octet-stream; + index index.html; + + aio threads; + aio_write on; + sendfile on; + directio 4m; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + server_tokens off; + client_max_body_size 5m; + charset utf-8; + gzip on; + gzip_http_version 1.0; + gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json image/svg+xml; + + proxy_buffers 64 32k; + proxy_busy_buffers_size 64k; + fastcgi_buffers 64 32k; + + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:10m; + ssl_session_tickets off; + ssl_protocols TLSv1.3; + ssl_prefer_server_ciphers off; + + map \$http_upgrade \$connection_upgrade { + default upgrade; + '' keep-alive; + } + + server { + listen 0.0.0.0:80 default_server; + listen [::]:80 default_server; + + include acme.conf; + + location / { + return 301 https://\$host\$request_uri; + } + } + + include vhost*.conf; +} |