Skip to content

Commit 5a08ae4

Browse files
macbremacbre
authored
Merge pull request #4 from macbre/nginx-1.17.10
nginx 1.17.10 has been release on 14 Apr 2020
2 parents f81bac0 + 6d0b298 commit 5a08ae4

File tree

2 files changed

+19
-1
lines changed

2 files changed

+19
-1
lines changed

Dockerfile

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ FROM alpine:3.11
22

33
LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
44

5-
ENV NGINX_VERSION 1.17.9
5+
ENV NGINX_VERSION 1.17.10
66
ENV NGX_BROTLI_COMMIT e505dce68acc190cc5a1e780a3b0275e39f160ca
77

88
RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
@@ -151,6 +151,7 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
151151

152152
COPY nginx.conf /etc/nginx/nginx.conf
153153
COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf
154+
COPY ssl_common.conf /etc/nginx/conf.d/ssl_common.conf
154155

155156
EXPOSE 80 443
156157

ssl_common.conf

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
# Grade A+ SSL support
2+
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.9&config=intermediate&openssl=1.1.1d&guideline=5.4
3+
ssl_session_timeout 1d;
4+
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
5+
ssl_session_tickets off;
6+
7+
# curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam.pem
8+
ssl_dhparam /etc/ssl/dhparam.pem;
9+
10+
# intermediate configuration
11+
ssl_protocols TLSv1.2 TLSv1.3;
12+
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
13+
ssl_prefer_server_ciphers off;
14+
15+
# OCSP stapling
16+
ssl_stapling on;
17+
ssl_stapling_verify on;

0 commit comments

Comments
 (0)