diff options
author | Christian Pointner <equinox@spreadspace.org> | 2019-10-12 05:36:28 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2019-10-12 05:36:28 +0200 |
commit | 8477c34bb3470341fb8ebb7b18d3d694d2941f3b (patch) | |
tree | a73cb6a053dab23b4cf1a6ef8dc92d5e214cd862 /files/common/nginx-snippets | |
parent | sk-cloudia nginx role (diff) |
refactoring nginx config snippets
Diffstat (limited to 'files/common/nginx-snippets')
-rw-r--r-- | files/common/nginx-snippets/hsts.conf | 1 | ||||
-rw-r--r-- | files/common/nginx-snippets/proxy-nobuff.conf | 4 | ||||
-rw-r--r-- | files/common/nginx-snippets/security-headers.conf | 4 | ||||
-rw-r--r-- | files/common/nginx-snippets/ssl.conf | 10 |
4 files changed, 0 insertions, 19 deletions
diff --git a/files/common/nginx-snippets/hsts.conf b/files/common/nginx-snippets/hsts.conf deleted file mode 100644 index 4ca8396e..00000000 --- a/files/common/nginx-snippets/hsts.conf +++ /dev/null @@ -1 +0,0 @@ -add_header Strict-Transport-Security max-age=15768000; diff --git a/files/common/nginx-snippets/proxy-nobuff.conf b/files/common/nginx-snippets/proxy-nobuff.conf deleted file mode 100644 index b08de70c..00000000 --- a/files/common/nginx-snippets/proxy-nobuff.conf +++ /dev/null @@ -1,4 +0,0 @@ -proxy_buffering off; -proxy_ignore_headers "X-Accel-Buffering"; -proxy_request_buffering off; -proxy_http_version 1.1; diff --git a/files/common/nginx-snippets/security-headers.conf b/files/common/nginx-snippets/security-headers.conf deleted file mode 100644 index b94d479d..00000000 --- a/files/common/nginx-snippets/security-headers.conf +++ /dev/null @@ -1,4 +0,0 @@ -add_header X-Frame-Options DENY; -add_header X-Content-Type-Options nosniff; -add_header X-XSS-Protection "1; mode=block"; -# add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'"; diff --git a/files/common/nginx-snippets/ssl.conf b/files/common/nginx-snippets/ssl.conf deleted file mode 100644 index d187a7c0..00000000 --- a/files/common/nginx-snippets/ssl.conf +++ /dev/null @@ -1,10 +0,0 @@ -ssl_protocols TLSv1 TLSv1.1 TLSv1.2; -ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AES:!ADH:!AECDH:!MD5; -ssl_prefer_server_ciphers on; - -# openssl dhparam -out /etc/ssl/certs/dhparams.pem 2048 -ssl_dhparam /etc/ssl/dhparams.pem; - -ssl_session_cache shared:SSL:10m; -ssl_session_timeout 10m; -ssl_session_tickets off; |