From 3dbb7e705d114d8e17204b71915cef00d3d01231 Mon Sep 17 00:00:00 2001 From: Loudbook Date: Sat, 7 Dec 2024 18:32:34 -0500 Subject: [PATCH] Update pastebook.conf --- pastebook.conf | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/pastebook.conf b/pastebook.conf index 2ef1a46..272c29f 100644 --- a/pastebook.conf +++ b/pastebook.conf @@ -8,9 +8,16 @@ server { } server { - listen 443; + listen 443 ssl; server_name ; + ssl_certificate /etc/letsencrypt/live//fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live//privkey.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + location / { proxy_buffering off; proxy_set_header X-Real-IP $remote_addr; @@ -18,9 +25,6 @@ server { proxy_set_header X-Forwarded-Port $server_port; proxy_pass http://localhost:3000/; } - - ssl_certificate /etc/letsencrypt/live//fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live//privkey.pem; } server { @@ -33,9 +37,16 @@ server { } server { - listen 443; + listen 443 ssl; server_name api.; + ssl_certificate /etc/letsencrypt/live//fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live//privkey.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + client_max_body_size 6M; location / { @@ -45,7 +56,4 @@ server { proxy_set_header X-Forwarded-Port $server_port; proxy_pass http://localhost:8080/; } - - ssl_certificate /etc/letsencrypt/live//fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live//privkey.pem; }