roles/nginx: use one day for nginx ssl_session_timeout

This is a new default since I last looked at the Mozilla server-side
SSL configurator.
This commit is contained in:
Alan Orth 2025-03-29 22:29:07 +03:00
parent 0afb8a4493
commit 99866c0c90
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9

View File

@ -7,8 +7,8 @@ nginx_confd_path: /etc/nginx/conf.d
# parent directory of vhost roots
nginx_root_prefix: "{{ web_root_prefix }}"
# 1 hour timeout
nginx_ssl_session_timeout: 1h
# 1 day timeout
nginx_ssl_session_timeout: 1d
# 10MB -> 40,000 sessions
nginx_ssl_session_cache: shared:SSL:10m
nginx_ssl_buffer_size: 4k