cronekorkn/bundlewrap
1
0
Fork 0
Code Issues Pull requests 8 Projects Releases Wiki Activity

faster better dhparams that actually get used

Browse source
This commit is contained in:
cronekorkn 2024-06-05 21:34:28 +02:00
parent ff51b41c38
commit d62e609863
Signed by: cronekorkn
SSH key fingerprint: SHA256:v0410ZKfuO1QHdgKBsdQNF64xmTxOF8osF1LIqwTcVw
2 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
bundles/nginx/files/nginx.conf
View file

@ -21,6 +21,7 @@ http {
server_names_hash_bucket_size 128; server_names_hash_bucket_size 128;
tcp_nopush on; tcp_nopush on;
client_max_body_size 32G; client_max_body_size 32G;
ssl_dhparam "/etc/nginx/dhparams.pem";
% if node.has_bundle('php'): % if node.has_bundle('php'):
upstream php-handler { upstream php-handler {

2
bundles/nginx/items.py
View file

@ -76,7 +76,7 @@ files = {
actions = { actions = {
'nginx-generate-dhparam': { 'nginx-generate-dhparam': {
'command': 'openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048', 'command': 'openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096',
'unless': 'test -f /etc/ssl/certs/dhparam.pem', 'unless': 'test -f /etc/ssl/certs/dhparam.pem',
}, },
} }