2014-08-27 19:02:29 +02:00
|
|
|
---
|
|
|
|
# file: roles/nginx/defaults/main.yml
|
|
|
|
|
|
|
|
# path config
|
|
|
|
nginx_confd_path: /etc/nginx/conf.d
|
|
|
|
|
|
|
|
# parent directory of vhost roots
|
|
|
|
nginx_root_prefix: /var/www
|
|
|
|
|
2015-06-04 22:28:31 +02:00
|
|
|
# 1 hour timeout
|
|
|
|
nginx_ssl_session_timeout: 1h
|
|
|
|
# 10MB -> 40,000 sessions
|
|
|
|
nginx_ssl_session_cache: shared:SSL:10m
|
|
|
|
# 1400 bytes to fit in one MTU (default is 16k!)
|
|
|
|
nginx_ssl_buffer_size: 1400
|
|
|
|
nginx_ssl_dhparam: /etc/ssl/certs/dhparam.pem
|
|
|
|
nginx_ssl_protocols: 'TLSv1 TLSv1.1 TLSv1.2'
|
|
|
|
|
|
|
|
# Enable HTTP Strict Transport Security?
|
|
|
|
# True on production, False on development!
|
|
|
|
nginx_enable_hsts: True
|
2014-09-06 20:32:37 +02:00
|
|
|
|
2014-09-13 22:16:54 +02:00
|
|
|
# TLS key directory
|
|
|
|
tls_key_dir: /etc/ssl/private
|
|
|
|
|
2015-05-24 23:15:49 +02:00
|
|
|
# stable is 1.8.x
|
|
|
|
# mainline is 1.9.x
|
|
|
|
nginx_version: mainline
|
|
|
|
|
2014-08-27 19:02:29 +02:00
|
|
|
# vim: set ts=2 sw=2:
|