diff options
author | Jesse Luehrs <doy@tozt.net> | 2018-11-13 00:19:06 -0500 |
---|---|---|
committer | Jesse Luehrs <doy@tozt.net> | 2018-11-13 00:19:06 -0500 |
commit | bf33ac997636c4b6c199cfff1e171ffaff437c91 (patch) | |
tree | 2f3d94f0ad3fddde69fec83c4d65356d60dea479 /modules/nginx/files | |
parent | b5fe67cdda8f05ffe814a923b1a69f7169b9db5c (diff) | |
download | puppet-tozt-bf33ac997636c4b6c199cfff1e171ffaff437c91.tar.gz puppet-tozt-bf33ac997636c4b6c199cfff1e171ffaff437c91.zip |
actually, let's make this shared again
Diffstat (limited to 'modules/nginx/files')
-rw-r--r-- | modules/nginx/files/dhparam.pem | 13 | ||||
-rw-r--r-- | modules/nginx/files/mime.types.paste | 57 | ||||
-rw-r--r-- | modules/nginx/files/nginx.conf | 16 | ||||
-rw-r--r-- | modules/nginx/files/ssl | 12 |
4 files changed, 98 insertions, 0 deletions
diff --git a/modules/nginx/files/dhparam.pem b/modules/nginx/files/dhparam.pem new file mode 100644 index 0000000..4aa2270 --- /dev/null +++ b/modules/nginx/files/dhparam.pem @@ -0,0 +1,13 @@ +-----BEGIN DH PARAMETERS----- +MIICCAKCAgEA2Ch/tJWN/Hm/Go2T9Ok542zBAJJxmrIn8ghj/etM1uVQ8viqqDy/ +2RRswFeVJE8S5tf7W7+rPWVp1NzK7Fbxn1eb0r/MdnwgCkzBK2YcbQ6skZZz7lyd +SXXac4YrdkaG60Bm2WtmHs73pptbxBTkt55yAdTyhm8fvVZewAn2a8GRgn/X9Nb6 +YcpbLa6yh0TA1YP/CckMN5yxI761IXpKXuDMMz/PjI9xK2NSXRCgknrHa71w7E9U +x86EyeA8VB2baZ2ct0KlaK5MaFPLSSCPBQYxigCvH6apH+U9pho4YSdZL3wLjtzO +mN7Z8FdhPr2P/Dk0HI4Y2LzJiAQoU2t7zMrGb4y/27zFrApUed6q1lbvJW46g+o0 +zy3fe1nwZ9Ibq0TA6FH0S+FRrSYrJEN1vqosoGJjLJteyddqLV8d6XRhrZaCJmWq +itlqbYlnbK+rlxlJyuDC6wLMTxa/zYMvYSM0Ez8KKDLh3GNMqiEbccCuS77gvPKP +hj4Gy0jslUSYSjJebot+wIQsGmAnL5CozEXdGMVahoqZWcqRRGsoVM/3vZ53uLgL +Cs027wnvkeAnX1sxV/KnrovpVPISkQvG0awCZkjroKMRq33fgymvvvcHo7pGcef+ +7S0XsFBit8LrBT1XGx3VknC8XZ6hAACY1FDMth2J4dx8kqVnd2PH1dMCAQI= +-----END DH PARAMETERS----- diff --git a/modules/nginx/files/mime.types.paste b/modules/nginx/files/mime.types.paste new file mode 100644 index 0000000..a32e153 --- /dev/null +++ b/modules/nginx/files/mime.types.paste @@ -0,0 +1,57 @@ +types { + image/gif gif; + image/jpeg jpeg jpg; + + image/png png; + image/tiff tif tiff; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + application/java-archive jar war ear; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.ms-excel xls; + application/vnd.ms-powerpoint ppt; + application/vnd.wap.wmlc wmlc; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-xpinstall xpi; + application/zip zip; + + application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; + application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream eot; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mpeg mpeg mpg; + video/quicktime mov; + video/x-flv flv; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} +# vim:ft=nginx diff --git a/modules/nginx/files/nginx.conf b/modules/nginx/files/nginx.conf new file mode 100644 index 0000000..895330e --- /dev/null +++ b/modules/nginx/files/nginx.conf @@ -0,0 +1,16 @@ +worker_processes 1; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + + sendfile on; + gzip on; + keepalive_timeout 65; + + include /etc/nginx/sites-enabled/*; +} diff --git a/modules/nginx/files/ssl b/modules/nginx/files/ssl new file mode 100644 index 0000000..6248ac8 --- /dev/null +++ b/modules/nginx/files/ssl @@ -0,0 +1,12 @@ +ssl on; +ssl_certificate /media/persistent/certbot/live/tozt.net/fullchain.pem; +ssl_certificate_key /media/persistent/certbot/live/tozt.net/privkey.pem; +ssl_protocols TLSv1.1 TLSv1.2; +ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; +ssl_dhparam /etc/nginx/dhparam.pem; +ssl_prefer_server_ciphers on; +ssl_session_cache shared:SSL:10m; +ssl_stapling on; +ssl_stapling_verify on; + +# vim:ft=nginx |