colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

nginx: note that OCSP stapling isn't actually working

Browse Source
This commit is contained in:
colin
2022-11-30 02:09:35 +00:00
parent 5d1e8f5f60
commit 82d11a7ae1
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/servo/services/nginx.nix
View File

@@ -31,6 +31,7 @@ in
# sets gzip_comp_level = 5 # sets gzip_comp_level = 5
services.nginx.recommendedGzipSettings = true; services.nginx.recommendedGzipSettings = true;
# enables OCSP stapling (so clients don't need contact the OCSP server -- i do instead) # enables OCSP stapling (so clients don't need contact the OCSP server -- i do instead)
# - doesn't seem to, actually: <https://www.ssllabs.com/ssltest/analyze.html?d=uninsane.org>
# caches TLS sessions for 10m # caches TLS sessions for 10m
services.nginx.recommendedTlsSettings = true; services.nginx.recommendedTlsSettings = true;
# enables sendfile, tcp_nopush, tcp_nodelay, keepalive_timeout 65 # enables sendfile, tcp_nopush, tcp_nodelay, keepalive_timeout 65