Home Explore Help
Sign In
github-mirror
/
docker-jitsi-meet
mirror of https://github.com/jitsi/docker-jitsi-meet
2
0
Fork 0
Files Issues 0 Wiki
Tree: dc46215600
Branches Tags
docker-jitsi-me...
/
web
/
rootfs
/
defaults
/
ssl.conf

ssl.conf 1.1 KB
History Raw

123456789101112131415161718192021222324 
  1. # session settings
    2. 

  2. ssl_session_timeout 1d;
    3. 

  3. ssl_session_cache shared:SSL:50m;
    4. 

  4. ssl_session_tickets off;
    5. 

  5. 

  6. # ssl certs
    7. 

  7. {{ if .Env.ENABLE_LETSENCRYPT | default "0" | toBool }}
    8. 

  8. ssl_certificate /etc/letsencrypt/live/{{ .Env.LETSENCRYPT_DOMAIN }}/fullchain.pem;
    9. 

  9. ssl_certificate_key /etc/letsencrypt/live/{{ .Env.LETSENCRYPT_DOMAIN }}/privkey.pem;
    10. 

  10. {{ else }}
    11. 

  11. ssl_certificate /config/keys/cert.crt;
    12. 

  12. ssl_certificate_key /config/keys/cert.key;
    13. 

  13. {{ end }}
    14. 

  14. 

  15. # protocols
    16. 

  16. ssl_protocols TLSv1.2;
    17. 

  17. ssl_prefer_server_ciphers on;
    18. 

  18. ssl_ecdh_curve secp384r1;
    19. 

  19. ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDH+CHACHA20:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK;
    20. 

  20. 

  21. # headers
    22. 

  22. add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
    23. 

  23. add_header X-Content-Type-Options nosniff;
    24. 

  24. add_header X-XSS-Protection "1; mode=block";
    25.