forked from exozyme/nginx
22 lines
686 B
Nginx Configuration File
22 lines
686 B
Nginx Configuration File
# SSL
|
|
ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/exozy.me/privkey.pem;
|
|
include /etc/letsencrypt/options-ssl-nginx.conf;
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
|
ssl_stapling on;
|
|
ssl_stapling_verify on;
|
|
ssl_trusted_certificate /etc/letsencrypt/live/exozy.me/chain.pem;
|
|
|
|
# Log to system journal
|
|
access_log syslog:server=unix:/dev/log;
|
|
error_log syslog:server=unix:/dev/log;
|
|
|
|
# Disable symlinks so users can't make nginx follow symlinks to sensitive files
|
|
disable_symlinks if_not_owner;
|
|
|
|
# Force UTF-8 because why not
|
|
charset utf-8;
|
|
|
|
# Yay HTTP/2!
|
|
http2 on;
|