Merge pull request #31 from mischaikow/certbot-six

Certbot try six
mischaikow · Jul 4, 2024 · 624ffba · 624ffba
2 parents dc3db26 + 093d23c
commit 624ffba
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/nginx/docker-compose.yml b/nginx/docker-compose.yml
@@ -4,8 +4,7 @@ services:
     command: sh -c "certbot certonly --standalone -d mischaikow.com --text --agree-tos --email [email protected] --server https://acme-v02.api.letsencrypt.org/directory --rsa-key-size 4096 --verbose --keep-until-expiring --preferred-challenges=http"
     container_name: certbot
     volumes:
-      - ./nginx/certbot:/etc/letsencrypt
-      - ./nginx/certbot-data:/var/lib/letsencrypt
+      - "letsencrypt:/etc/letsencrypt"
 
 volumes:
   letsencrypt:

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
@@ -5,8 +5,13 @@ server {
   listen 443 ssl;
   ssl_certificate /etc/letsencrypt/live/mischaikow.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/mischaikow.com/privkey.pem;
-  include /etc/letsencrypt/options-ssl-nginx.conf;
-  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+  ssl_session_timeout 5m;
+  ssl_protocols TLSv1.2;
+  ssl_ciphers 'EECDH+AESGCM: EDH+AESGCM:AES256+EECDH:AES256+EDH';
+  ssl_prefer_server_ciphers on;
+
+  ssl_session_cache shared:SSL:10m;
+  ssl_dhparam dhparam.pem;
 
   location / {
     proxy_pass http://mischaikow-frontend:4173/;