kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Enable IPv6 and HTTP2 on Mastodon

Browse Source
This commit is contained in:
Greg Karékinian 2017-04-07 18:26:49 +02:00
parent 99a5091760
commit 3549b8594a
1 changed files with 5 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
site-cookbooks/kosmos-mastodon/templates/default/nginx_conf_mastodon.erb
View File

@ -4,7 +4,8 @@ map $http_upgrade $connection_upgrade {
} }
server { server {
listen 80; listen 80; # IPv4
listen [::]:80; #IPv6
server_name <%= @server_name %>; server_name <%= @server_name %>;
access_log "/var/log/nginx/mastodon.access.log"; access_log "/var/log/nginx/mastodon.access.log";
@ -19,18 +20,13 @@ server {
} }
server { server {
listen 443 ssl; listen 443 ssl http2; #IPv4
listen [::]:443 ssl http2; #IPv6
server_name <%= @server_name %>; server_name <%= @server_name %>;
access_log "/var/log/nginx/mastodon.access.log"; access_log "/var/log/nginx/mastodon.access.log";
error_log "/var/log/nginx/mastodon.error.log"; error_log "/var/log/nginx/mastodon.error.log";
ssl_protocols TLSv1.2;
ssl_ciphers EECDH+AESGCM:EECDH+AES;
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
<% if File.exist?(@ssl_cert) && <% if File.exist?(@ssl_cert) &&
File.exist?(@ssl_key) -%> File.exist?(@ssl_key) -%>
ssl_certificate <%= @ssl_cert %>; ssl_certificate <%= @ssl_cert %>;
@ -44,7 +40,7 @@ server {
root <%= @mastodon_path %>/public; root <%= @mastodon_path %>/public;
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
location / { location / {
try_files $uri @proxy; try_files $uri @proxy;