finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Optimize SSL session

Browse Source
This commit is contained in:
sakkiii
2021-05-18 19:39:43 +05:30
parent 2606b41b16
commit e9b878b9e9
10 changed files with 89 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2
View File

@ -74,7 +74,13 @@ server {
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_base_domain_hostname }}/chain.pem;
{% endif %}
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}

6
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2
View File

@ -79,6 +79,12 @@ server {
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_bot_go_neb_hostname }}/chain.pem;
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}

6
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2
View File

@ -85,6 +85,12 @@ server {
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/chain.pem;
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}
{% endif %}

6
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2
View File

@ -82,6 +82,12 @@ server {
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_dimension_hostname }}/chain.pem;
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}

12
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2
View File

@ -207,6 +207,12 @@ server {
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/chain.pem;
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}
@ -248,6 +254,12 @@ server {
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_trusted_certificate }};
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{% endif %}
location / {

6
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2
View File

@ -90,6 +90,12 @@ server {
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_grafana_hostname }}/chain.pem;
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}

6
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2
View File

@ -124,6 +124,12 @@ server {
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/chain.pem;
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}

6
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2
View File

@ -67,6 +67,12 @@ server {
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname }}/chain.pem;
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}

6
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2
View File

@ -81,6 +81,12 @@ server {
ssl_stapling_verify on;
ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_sygnal_hostname }}/chain.pem;
{% endif %}
{% if matrix_nginx_proxy_ssl_session_tickets_off %}
ssl_session_tickets off;
{% endif %}
ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }};
ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }};
{{ render_vhost_directives() }}
}