diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2020-04-28 01:40:53 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2020-04-28 01:40:53 +0200 |
commit | 41521c75a22ecdbf87f1e3139ba8d0877ac7915b (patch) | |
tree | 8b8eb88bf09b9708cca8c6aa180aee3c28da409e /modules/websites/default.nix | |
parent | 37465bc7b0601bbeb8ec84c728ef50f58788707a (diff) | |
download | Nix-41521c75a22ecdbf87f1e3139ba8d0877ac7915b.tar.gz Nix-41521c75a22ecdbf87f1e3139ba8d0877ac7915b.tar.zst Nix-41521c75a22ecdbf87f1e3139ba8d0877ac7915b.zip |
Add comment about ssl testing
Diffstat (limited to 'modules/websites/default.nix')
-rw-r--r-- | modules/websites/default.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/websites/default.nix b/modules/websites/default.nix index 837d838..0a78c13 100644 --- a/modules/websites/default.nix +++ b/modules/websites/default.nix | |||
@@ -201,6 +201,7 @@ in | |||
201 | logPerVirtualHost = true; | 201 | logPerVirtualHost = true; |
202 | multiProcessingModule = "worker"; | 202 | multiProcessingModule = "worker"; |
203 | # https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4 | 203 | # https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4 |
204 | # test with https://www.ssllabs.com/ssltest/analyze.html?d=www.immae.eu&s=176.9.151.154&latest | ||
204 | sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1"; | 205 | sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1"; |
205 | sslCiphers = builtins.concatStringsSep ":" [ | 206 | sslCiphers = builtins.concatStringsSep ":" [ |
206 | "ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256" | 207 | "ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256" |