alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

roles/nginx: use one day for nginx ssl_session_timeout

Browse Source 
This is a new default since I last looked at the Mozilla server-side
SSL configurator.
This commit is contained in:
Alan Orth 2025-03-29 22:29:07 +03:00
parent 0afb8a4493
commit 99866c0c90
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
roles/nginx/defaults/main.yml
View File

@ -7,8 +7,8 @@ nginx_confd_path: /etc/nginx/conf.d
# parent directory of vhost roots # parent directory of vhost roots
nginx_root_prefix: "{{ web_root_prefix }}" nginx_root_prefix: "{{ web_root_prefix }}"
# 1 hour timeout # 1 day timeout
nginx_ssl_session_timeout: 1h nginx_ssl_session_timeout: 1d
# 10MB -> 40,000 sessions # 10MB -> 40,000 sessions
nginx_ssl_session_cache: shared:SSL:10m nginx_ssl_session_cache: shared:SSL:10m
nginx_ssl_buffer_size: 4k nginx_ssl_buffer_size: 4k