corrado/nextcloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1st commit - refined 2019 cfg + AI made README (I despise writing docs so it was either letting AI write README or having none, sorry)

Browse Source
This commit is contained in:
corrado.mulas
2026-05-19 00:00:03 +02:00
parent 910f9675b1
commit d1ab7d369c
22 changed files with 1439 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
nginx/conf.d/ssl.conf Normal file
View File

@@ -0,0 +1,20 @@
# This is an NGINX configuration file written and used by me in order to set a hardened TLS profile.
#
# (c) Corrado Mulas <tlc@mulas.me>
#
# For the full copyright and license information, please view the LICENSE
# file that was distributed with this source code.
ssl_dhparam /etc/ssl/private/dhparams.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
ssl_prefer_server_ciphers off;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
ssl_buffer_size 4k;