diff options
| author | Bryan Newbold <bnewbold@archive.org> | 2022-06-22 20:58:55 -0700 |
|---|---|---|
| committer | Bryan Newbold <bnewbold@archive.org> | 2022-06-22 21:00:08 -0700 |
| commit | 678119e4cd517f7b39d23ae6384f7ec6e24bb1a2 (patch) | |
| tree | 2f1e0978250d372273cfd864bec41dc4f723569a | |
| parent | 5d201f7d9b55ff50753da2456634a3e51462ba1f (diff) | |
| download | infra-678119e4cd517f7b39d23ae6384f7ec6e24bb1a2.tar.gz infra-678119e4cd517f7b39d23ae6384f7ec6e24bb1a2.zip | |
nginx: update nginx.conf
| -rw-r--r-- | roles/nginx/templates/etc_nginx_nginx.conf.j2 | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/roles/nginx/templates/etc_nginx_nginx.conf.j2 b/roles/nginx/templates/etc_nginx_nginx.conf.j2 index 03e1a6c..7c99d7e 100644 --- a/roles/nginx/templates/etc_nginx_nginx.conf.j2 +++ b/roles/nginx/templates/etc_nginx_nginx.conf.j2 @@ -1,8 +1,9 @@ -{{ ansible_managed }} +# {{ ansible_managed }} user www-data; -worker_processes 4; +worker_processes auto; pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; @@ -22,7 +23,7 @@ http { types_hash_max_size 2048; # server_tokens off; - # server_names_hash_bucket_size 64; + server_names_hash_bucket_size 256; # server_name_in_redirect off; include /etc/nginx/mime.types; @@ -32,7 +33,7 @@ http { # SSL Settings ## - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE + ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_ciphers EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:128m; |