kazu634/nginx-config
1
0
Fork 0
mirror of https://github.com/kazu634/nginx-config.git synced 2025-02-27 21:43:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
main
nginx-config/sites-available/blog-staging

44 lines
1.3 KiB
Plaintext
Raw Permalink Blame History

server {
listen 443 quic reuseport;
listen 443 ssl;
http2 on;
http3 on;
server_name test.kazu634.com;
ssl_certificate /etc/lego/.lego/certificates/_.kazu634.com.crt;
ssl_certificate_key /etc/lego/.lego/certificates/_.kazu634.com.key;
ssl_dhparam /etc/lego/dhparams_4096.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:3m;
ssl_buffer_size 4k;
ssl_session_tickets off;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.4.4 8.8.8.8 valid=300s;
resolver_timeout 10s;
# Enable HSTS (HTTP Strict Transport Security)
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
root /var/www/test;
index index.html index.htm;
access_log /var/log/nginx/stag.access.log json;
error_log /var/log/nginx/stag.error.log;
large_client_header_buffers 8 32k;
location / {
auth_basic "限定公開中なのでユーザー名とパスワードを入れてください";
auth_basic_user_file "/etc/nginx/basic-auth";
try_files $uri $uri/ /index.html;
}
}
Reference in New Issue View Git Blame Copy Permalink