aboutsummaryrefslogtreecommitdiff
path: root/modules/websites
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2020-04-28 01:40:53 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2020-04-28 01:40:53 +0200
commit41521c75a22ecdbf87f1e3139ba8d0877ac7915b (patch)
tree8b8eb88bf09b9708cca8c6aa180aee3c28da409e /modules/websites
parent37465bc7b0601bbeb8ec84c728ef50f58788707a (diff)
downloadNix-41521c75a22ecdbf87f1e3139ba8d0877ac7915b.tar.gz
Nix-41521c75a22ecdbf87f1e3139ba8d0877ac7915b.tar.zst
Nix-41521c75a22ecdbf87f1e3139ba8d0877ac7915b.zip
Add comment about ssl testing
Diffstat (limited to 'modules/websites')
-rw-r--r--modules/websites/default.nix1
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/websites/default.nix b/modules/websites/default.nix
index 837d838..0a78c13 100644
--- a/modules/websites/default.nix
+++ b/modules/websites/default.nix
@@ -201,6 +201,7 @@ in
201 logPerVirtualHost = true; 201 logPerVirtualHost = true;
202 multiProcessingModule = "worker"; 202 multiProcessingModule = "worker";
203 # https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4 203 # https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4
204 # test with https://www.ssllabs.com/ssltest/analyze.html?d=www.immae.eu&s=176.9.151.154&latest
204 sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1"; 205 sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1";
205 sslCiphers = builtins.concatStringsSep ":" [ 206 sslCiphers = builtins.concatStringsSep ":" [
206 "ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256" 207 "ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256"
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 08:19:41 +0000