rooty/fab-manager
1
0
Fork 0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-02-19 13:54:25 +01:00
Code Issues Releases Activity

update nginx ssl config and version

Browse Source
This commit is contained in:
Du Peng 2020-03-09 16:57:43 +01:00
parent 138acba2ae
commit 274802988e
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
setup/docker-compose.yml
View File

@ -48,7 +48,7 @@ services:
restart: always
nginx:
image: nginx:1.9
image: nginx:latest
ports:
- "80:80"
- "443:443"

8
setup/nginx_with_ssl.conf.example
View File

@ -3,10 +3,10 @@ upstream puma {
}
server {
listen 443 ssl;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name MAIN_DOMAIN;
root /usr/src/app/public;
ssl on;
## with your ssl certificate
# ssl_certificate /etc/nginx/conf.d/ssl/MAIN_DOMAIN.crt;
# ssl_certificate_key /etc/nginx/conf.d/ssl/MAIN_DOMAIN.deprotected.key;
@ -16,9 +16,9 @@ server {
ssl_certificate /etc/letsencrypt/live/MAIN_DOMAIN/fullchain.pem;
ssl_trusted_certificate /etc/letsencrypt/live/MAIN_DOMAIN/chain.pem;
##
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'kEECDH+ECDSA+AES128 kEECDH+ECDSA+AES256 kEECDH+AES128 kEECDH+AES256 kEDH+AES128 kEDH+AES256 DES-CBC3-SHA +SHA !aNULL !eNULL !LOW !MD5 !EXP !DSS !PSK !SRP !kECDH !CAMELLIA !RC4 !SEED';
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_session_timeout 1d;