pub-solar/matrix-docker-ansible-deploy
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Add OCSP stapling support and other SSL optimizations to Hydrogen vhost

Browse source 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
This commit is contained in:
Slavi Pantaleev 2021-05-21 13:40:37 +03:00 committed by GitHub
parent d0de21ab34
commit 6f80292745
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2
View file

@ -81,6 +81,18 @@ server {
{% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% if matrix_nginx_proxy_ocsp_stapling_enabled %}
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/chain.pem;
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}
{% endif %}