roles/nginx: Set nginx SSL session timeout to 24 hours

Default is 5 minutes, but it seems like unless you're a high-traff-
ic site, there's no need to expire sessions so quickly.  Also, the
istlsfastyet.com configs are using 24 hours, so surely we can.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
This commit is contained in:
Alan Orth 2014-12-06 22:19:12 +03:00
parent d8cd31049b
commit 23d76a535f
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9

View File

@ -5,7 +5,7 @@
ssl_certificate {{ tls_key_dir }}/{{ domain_name }}.crt.pem; ssl_certificate {{ tls_key_dir }}/{{ domain_name }}.crt.pem;
ssl_certificate_key {{ tls_key_dir }}/{{ domain_name }}.crt.pem; ssl_certificate_key {{ tls_key_dir }}/{{ domain_name }}.crt.pem;
ssl_session_timeout 5m; ssl_session_timeout 24h; # 24 hour timeout
ssl_session_cache shared:SSL:1m; # 1MB -> 4,000 sessions ssl_session_cache shared:SSL:1m; # 1MB -> 4,000 sessions
ssl_buffer_size 1400; # 1400 bytes to fit in one MTU ssl_buffer_size 1400; # 1400 bytes to fit in one MTU