Initial commit

This commit is contained in:
Trey Blancher 2022-11-28 12:38:10 -05:00
parent 8613e2f680
commit 28778e5877
1 changed files with 38 additions and 0 deletions

nginx/nginx.conf Executable file
View File

@ -0,0 +1,38 @@
#user www-data;
worker_processes auto;
pid /run/;
#include /etc/nginx/modules-enabled/*.conf;
pcre_jit on;
error_log /var/log/nginx/error.log notice;
events {
worker_connections 1024;
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip off;
ssl_ciphers "EECDH+AESGCM:AES256+EECDH";
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
add_header Strict-Transport-Security "max-age-63072000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Options nosniff;
ssl_session_tickets off;
server_tokens off;
ssl_stapling on;
ssl_stapling_verify on;
resolver valid=300s; # Google DNS
resolver_timeout 5s;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;