danwin1210/mail-hosting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make use of snakeoil certificates in default configuration files

Browse Source
This commit is contained in:
Daniel Winzen
2024-06-05 21:53:17 +02:00
parent ffac3ea1db
commit a8c633b1d2
12 changed files with 70 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
etc/nginx/nginx.conf
View File

@ -4,6 +4,7 @@ pid /run/nginx.pid;
pcre_jit on;
worker_rlimit_nofile 30000;
worker_shutdown_timeout 1m;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 7680;
@ -51,8 +52,8 @@ http {
ssl_early_data off;
ssl_stapling on;
ssl_stapling_verify on;
ssl_certificate /etc/acme.sh/danwin1210.de_ecc/fullchain.cer;
ssl_certificate_key /etc/acme.sh/danwin1210.de_ecc/danwin1210.de.key;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
ssl_dhparam /etc/nginx/dh4096.pem;
##

4
etc/nginx/sites-enabled/mail
View File

@ -51,8 +51,8 @@ server {
add_header Cross-Origin-Opener-Policy same-origin always;
add_header Cross-Origin-Resource-Policy same-origin always;
listen [::]:443 ssl proxy_protocol http2;
ssl_certificate /etc/acme.sh/danwin1210.de_ecc/fullchain.cer;
ssl_certificate_key /etc/acme.sh/danwin1210.de_ecc/danwin1210.de.key;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
root /var/www/html;
index index.php;
server_name danielas3rtn54uwmofdo3x2bsdifr47huasnmbgqzfrec5ubupvtpid.onion danwin1210.de;

4
etc/nginx/sites-enabled/openpgpkey
View File

@ -16,6 +16,6 @@ server {
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
expires off;
}
ssl_certificate /etc/acme.sh/danwin1210.de_ecc/fullchain.cer;
ssl_certificate_key /etc/acme.sh/danwin1210.de_ecc/danwin1210.de.key;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
}