gnuviech/gvasalt
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
gvasalt/states/webserver/nginx-ssl.conf
Jan Dittberner 3fd146215f Rename roots to states 
This commit renames the roots directory to states because it contains
salt states.
2016-01-31 21:16:14 +01:00

16 lines
457 B
Plaintext
Raw Blame History

# Default TLS settings
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers kEECDH+AESGCM:kEECDH+AES:kEECDH:EDH+AESGCM:kEDH+AES:kEDH:AESGCM:ALL:!LOW:!EXP:!MD5:!aNULL:!eNULL:!RC4:!DSS;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_dhparam {{ salt['pillar.get']('nginx:sslcertdir', '/etc/nginx/ssl/certs') }}/dhparams.pem;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
# use Google's DNS
resolver 8.8.8.8;
resolver_timeout 5s;
Reference in a new issue View git blame Copy permalink