Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Delta Between Two Patch Sets: modules/nginx/templates/nginx.conf.erb

Issue 6247625674194944: Issue 299 and issue 385 - Drop support for RC4 and support IE6/WinXP clients (Closed)
Left Patch Set: Created April 26, 2014, 10:10 p.m.
Right Patch Set: Slightly adjusted ciphers list Created April 27, 2014, 8:33 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
Left: Side by side diff | Download
Right: Side by side diff | Download
« no previous file with change/comment | « no previous file | no next file » | no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
LEFTRIGHT
1 user <%= scope.lookupvar('nginx::params::user') %> <%= scope.lookupvar('nginx::p arams::group') %>; 1 user <%= scope.lookupvar('nginx::params::user') %> <%= scope.lookupvar('nginx::p arams::group') %>;
2 worker_processes <%= worker_processes %>; 2 worker_processes <%= worker_processes %>;
3 3
4 error_log /var/log/nginx/error.log notice; 4 error_log /var/log/nginx/error.log notice;
5 pid /var/run/nginx.pid; 5 pid /var/run/nginx.pid;
6 6
7 events { 7 events {
8 worker_connections <%= worker_connections %>; 8 worker_connections <%= worker_connections %>;
9 <% if scope.lookupvar('nginx::params::multi_accept') == 'on' %>multi_accept on ;<% end %> 9 <% if scope.lookupvar('nginx::params::multi_accept') == 'on' %>multi_accept on ;<% end %>
10 } 10 }
(...skipping 21 matching lines...) Expand all
32 tcp_nodelay <%= scope.lookupvar('nginx::params::tcp_nodelay') %>; 32 tcp_nodelay <%= scope.lookupvar('nginx::params::tcp_nodelay') %>;
33 33
34 <% if scope.lookupvar('nginx::params::gzip') == 'on' %> 34 <% if scope.lookupvar('nginx::params::gzip') == 'on' %>
35 gzip on; 35 gzip on;
36 gzip_disable "msie6"; 36 gzip_disable "msie6";
37 gzip_min_length 100; 37 gzip_min_length 100;
38 gzip_buffers 4 8k; 38 gzip_buffers 4 8k;
39 gzip_types text/plain text/xhtml text/css application/x-javascript text/xml ap plication/atom+xml application/rss+xml; 39 gzip_types text/plain text/xhtml text/css application/x-javascript text/xml ap plication/atom+xml application/rss+xml;
40 <% end %> 40 <% end %>
41 41
42 ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECD SA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !MD5 !EXP !PSK !SRP !DSS !RC4 +3DES DES-CBC3-SHA"; 42 ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECD SA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA -3DES DES-CBC3-SHA !aNULL !eNULL !LOW !MD5 !EXP !PSK !SRP !DSS !RC4";
Felix Dahlke 2014/04/26 22:19:47 After figuring out how this works, I think it'd be
Wladimir Palant 2014/04/27 20:35:34 You are right, I did that. I also decided to chang
43 ssl_prefer_server_ciphers on; 43 ssl_prefer_server_ciphers on;
44 ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; 44 ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
45 <% if ssl_session_cache == 'on' %> 45 <% if ssl_session_cache == 'on' %>
46 ssl_session_cache shared:SSL:1m; 46 ssl_session_cache shared:SSL:1m;
47 <% else %> 47 <% else %>
48 ssl_session_cache off; 48 ssl_session_cache off;
49 <% end %> 49 <% end %>
50 50
51 types_hash_max_size 2048; 51 types_hash_max_size 2048;
52 52
53 server_names_hash_bucket_size 64; 53 server_names_hash_bucket_size 64;
54 54
55 include /etc/nginx/conf.d/*.conf; 55 include /etc/nginx/conf.d/*.conf;
56 include /etc/nginx/sites-enabled/*; 56 include /etc/nginx/sites-enabled/*;
57 } 57 }
LEFTRIGHT
« no previous file | no next file » | Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Toggle Comments ('s')

Powered by Google App Engine
This is Rietveld