gnuviech/gvaldap
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
gvaldap/salt/roots/webserver/nginx-ssl.conf
Jan Dittberner 6a8997e950 Add initial Vagrant/Saltstack setup 
This commit adds an initial Vagrant and Saltstack setup that reuses the
same configuration as that of the gva repository. The LDAP server itself
is not configured yet.
2016-01-29 23:26:57 +01:00

16 lines
457 B
Plaintext
Raw Blame History

# Default TLS settings
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers kEECDH+AESGCM:kEECDH+AES:kEECDH:EDH+AESGCM:kEDH+AES:kEDH:AESGCM:ALL:!LOW:!EXP:!MD5:!aNULL:!eNULL:!RC4:!DSS;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_dhparam {{ salt['pillar.get']('nginx:sslcertdir', '/etc/nginx/ssl/certs') }}/dhparams.pem;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
# use Google's DNS
resolver 8.8.8.8;
resolver_timeout 5s;
Reference in a new issue View git blame Copy permalink