kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 2 Releases Activity

bundles/nginx: add metadata option to disable https

Browse source
This commit is contained in:
Franzi 2020-09-20 14:36:43 +02:00
parent 2ac2982463
commit d6799088c4
Signed by: kunsi
GPG key ID: 12E3D2136B818350
3 changed files with 23 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

5
bundles/nginx/files/site_template
View file

@ -3,6 +3,7 @@ server {
root ${webroot if webroot else '/var/www/{}/'.format(domain)};
index ${index if index else 'index.html index.htm'};
% if node.metadata['nginx']['use_ssl_for_all_connections']:
listen 443 ssl http2;
listen [::]:443 ssl http2;
@ -14,6 +15,10 @@ server {
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
% else:
listen 80 http2;
listen [::]:80 http2;
% endif
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;