From 809608c7ef4801f80adbd0ae07301e39c11e3951 Mon Sep 17 00:00:00 2001
From: mia <mia@mia.jetzt>
Date: Sun, 30 Jun 2024 18:29:59 -0700
Subject: initial commit

---
 nginx/nginx.conf | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 nginx/nginx.conf

(limited to 'nginx/nginx.conf')

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
new file mode 100644
index 0000000..336c8d2
--- /dev/null
+++ b/nginx/nginx.conf
@@ -0,0 +1,47 @@
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log notice;
+pid /run/nginx.pid;
+include /usr/share/nginx/modules/*.conf;
+
+events {
+	worker_connections 1024;
+}
+
+http {
+	aio threads;
+	tcp_nopush on;
+	server_tokens off;
+	http2 on;
+
+	gzip on;
+	gunzip on;
+	gzip_vary on;
+	gzip_types text/plain text/css application/json application/javascript text/javascript;
+
+	map $http_upgrade $connection_upgrade {
+		default upgrade;
+		'' close;
+	}
+
+	proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=pcache:32m max_size=20g;
+	ssl_session_cache shared:SSL:10m;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_stapling on;
+	ssl_stapling_verify on;
+	ssl_prefer_server_ciphers on;
+
+	resolver 127.0.0.53;
+
+	# dummy host
+	server {
+		listen 443 quic reuseport default_server;
+		listen 443 ssl reuseport default_server;
+		server_name _;
+		ssl_certificate /etc/tls/mia.jetzt.crt;
+		ssl_certificate_key /etc/tls/mia.jetzt.key;
+	}
+
+	%SERVERS%
+}
-- 
cgit 1.4.1