roles/nginx: Set nginx SSL buffer size to 1400

istlsfastyet.com recommends setting the buffer size to 1400 so it
can fit into a single MTU.  nginx default is 16k!

http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_buffer_size

Signed-off-by: Alan Orth <alan.orth@gmail.com>
This commit is contained in:
Alan Orth 2014-12-06 22:15:15 +03:00
parent d04293a664
commit be6c76a2af

View File

@ -7,6 +7,7 @@
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:1m;
ssl_buffer_size 1400; # 1400 bytes to fit in one MTU
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_protocols {{ nginx_tls_protocols }};
ssl_ciphers "{{ tls_cipher_suite }}";