bunkerweb 1.4.0

2022-06-03 17:24:14 +02:00
parent 3a078326c5
commit a9f886804a
5245 changed files with 1432051 additions and 27894 deletions
--- a/core/customcert/confs/server-http/custom-cert.conf
+++ b/core/customcert/confs/server-http/custom-cert.conf
@@ -0,0 +1,19 @@
+{% if USE_CUSTOM_HTTPS == "yes" +%}
+
+# listen on HTTPS PORT
+listen 0.0.0.0:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" %}http2{% endif %} {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
+
+# TLS config
+ssl_certificate {{ CUSTOM_HTTPS_CERT }};
+ssl_certificate_key {{ CUSTOM_HTTPS_KEY }};
+ssl_protocols {{ HTTPS_PROTOCOLS }};
+ssl_prefer_server_ciphers on;
+ssl_session_tickets off;
+ssl_session_timeout 1d;
+ssl_session_cache shared:MozSSL:10m;
+{% if "TLSv1.2" in HTTPS_PROTOCOLS +%}
+ssl_dhparam /etc/nginx/dhparam;
+ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+{% endif %}
+
+{% endif %}