initial commit

1 files changed, 47 insertions, 0 deletions

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
new file mode 100644
index 0000000..336c8d2
--- /dev/null
+++ b/nginx/nginx.conf
@@ -0,0 +1,47 @@
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log notice;
+pid /run/nginx.pid;
+include /usr/share/nginx/modules/*.conf;
+
+events {
+	worker_connections 1024;
+}
+
+http {
+	aio threads;
+	tcp_nopush on;
+	server_tokens off;
+	http2 on;
+
+	gzip on;
+	gunzip on;
+	gzip_vary on;
+	gzip_types text/plain text/css application/json application/javascript text/javascript;
+
+	map $http_upgrade $connection_upgrade {
+		default upgrade;
+		'' close;
+	}
+
+	proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=pcache:32m max_size=20g;
+	ssl_session_cache shared:SSL:10m;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_stapling on;
+	ssl_stapling_verify on;
+	ssl_prefer_server_ciphers on;
+
+	resolver 127.0.0.53;
+
+	# dummy host
+	server {
+		listen 443 quic reuseport default_server;
+		listen 443 ssl reuseport default_server;
+		server_name _;
+		ssl_certificate /etc/tls/mia.jetzt.crt;
+		ssl_certificate_key /etc/tls/mia.jetzt.key;
+	}
+
+	%SERVERS%
+}