|
|
@@ -2,12 +2,18 @@ server {
|
|
|
listen 443 http2 ssl;
|
|
|
listen [::]:443 http2 ssl;
|
|
|
|
|
|
- index index.html;
|
|
|
- root /var/www/html;
|
|
|
- ssl_certificate /path/to/example.cer;
|
|
|
- ssl_certificate_key /path/to/example.cer;
|
|
|
- ssl_protocols TLSv1.2 TLSv1.3;
|
|
|
- ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
|
|
+ index index.html;
|
|
|
+ root /var/www/html;
|
|
|
+ ssl_certificate /path/to/example.cer;
|
|
|
+ ssl_certificate_key /path/to/example.cer;
|
|
|
+ ssl_protocols TLSv1.2 TLSv1.3;
|
|
|
+ ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
|
|
+
|
|
|
+ # splithttp produces very noisy access logs, as it sends many HTTP
|
|
|
+ # requests and uses querystrings for padding. It is recommended to turn
|
|
|
+ # them off after setup, or use custom log formats to limit the amount
|
|
|
+ # of information.
|
|
|
+ # access_log off;
|
|
|
|
|
|
location /split {
|
|
|
proxy_pass http://127.0.0.1:1234;
|
mmmray