Delta Between Two Patch Sets: modules/nginx/templates/nginx.conf.erb
Issue 6247625674194944:
Issue 299 and issue 385 - Drop support for RC4 and support IE6/WinXP clients (Closed)
Left Patch Set:
Created April 26, 2014, 10:10 p.m.
Right Patch Set: Slightly adjusted ciphers list
Created April 27, 2014, 8:33 p.m.
| Left: | ||
| Right: |
Use n/p to move between diff chunks;
N/P to move between comments.
« no previous file with change/comment
|
« no previous file
|
no next file »
|
no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| LEFT | RIGHT |
|---|---|
| 1 user <%= scope.lookupvar('nginx::params::user') %> <%= scope.lookupvar('nginx::p arams::group') %>; | 1 user <%= scope.lookupvar('nginx::params::user') %> <%= scope.lookupvar('nginx::p arams::group') %>; |
| 2 worker_processes <%= worker_processes %>; | 2 worker_processes <%= worker_processes %>; |
| 3 | 3 |
| 4 error_log /var/log/nginx/error.log notice; | 4 error_log /var/log/nginx/error.log notice; |
| 5 pid /var/run/nginx.pid; | 5 pid /var/run/nginx.pid; |
| 6 | 6 |
| 7 events { | 7 events { |
| 8 worker_connections <%= worker_connections %>; | 8 worker_connections <%= worker_connections %>; |
| 9 <% if scope.lookupvar('nginx::params::multi_accept') == 'on' %>multi_accept on ;<% end %> | 9 <% if scope.lookupvar('nginx::params::multi_accept') == 'on' %>multi_accept on ;<% end %> |
| 10 } | 10 } |
| (...skipping 21 matching lines...) Expand all Loading... | |
| 32 tcp_nodelay <%= scope.lookupvar('nginx::params::tcp_nodelay') %>; | 32 tcp_nodelay <%= scope.lookupvar('nginx::params::tcp_nodelay') %>; |
| 33 | 33 |
| 34 <% if scope.lookupvar('nginx::params::gzip') == 'on' %> | 34 <% if scope.lookupvar('nginx::params::gzip') == 'on' %> |
| 35 gzip on; | 35 gzip on; |
| 36 gzip_disable "msie6"; | 36 gzip_disable "msie6"; |
| 37 gzip_min_length 100; | 37 gzip_min_length 100; |
| 38 gzip_buffers 4 8k; | 38 gzip_buffers 4 8k; |
| 39 gzip_types text/plain text/xhtml text/css application/x-javascript text/xml ap plication/atom+xml application/rss+xml; | 39 gzip_types text/plain text/xhtml text/css application/x-javascript text/xml ap plication/atom+xml application/rss+xml; |
| 40 <% end %> | 40 <% end %> |
| 41 | 41 |
| 42 ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECD SA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !MD5 !EXP !PSK !SRP !DSS !RC4 +3DES DES-CBC3-SHA"; | 42 ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECD SA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA -3DES DES-CBC3-SHA !aNULL !eNULL !LOW !MD5 !EXP !PSK !SRP !DSS !RC4"; |
|
Felix Dahlke
2014/04/26 22:19:47
After figuring out how this works, I think it'd be
Wladimir Palant
2014/04/27 20:35:34
You are right, I did that. I also decided to chang
| |
| 43 ssl_prefer_server_ciphers on; | 43 ssl_prefer_server_ciphers on; |
| 44 ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; | 44 ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; |
| 45 <% if ssl_session_cache == 'on' %> | 45 <% if ssl_session_cache == 'on' %> |
| 46 ssl_session_cache shared:SSL:1m; | 46 ssl_session_cache shared:SSL:1m; |
| 47 <% else %> | 47 <% else %> |
| 48 ssl_session_cache off; | 48 ssl_session_cache off; |
| 49 <% end %> | 49 <% end %> |
| 50 | 50 |
| 51 types_hash_max_size 2048; | 51 types_hash_max_size 2048; |
| 52 | 52 |
| 53 server_names_hash_bucket_size 64; | 53 server_names_hash_bucket_size 64; |
| 54 | 54 |
| 55 include /etc/nginx/conf.d/*.conf; | 55 include /etc/nginx/conf.d/*.conf; |
| 56 include /etc/nginx/sites-enabled/*; | 56 include /etc/nginx/sites-enabled/*; |
| 57 } | 57 } |
| LEFT | RIGHT |
« no previous file
|
no next file »
|
Toggle Intra-line Diffs ('i')
|
Expand Comments ('e')
|
Collapse Comments ('c')
|
Toggle Comments ('s')
