Permalink
Cannot retrieve contributors at this time
| server { | |
| listen 80; | |
| server_name postfixadmin.domain.tld; | |
| return 301 https://$server_name$request_uri; # enforce https | |
| } | |
| server { | |
| listen 443 ssl; | |
| server_name postfixadmin.domain.tld; | |
| root /srv/http/www/postfixadmin; | |
| index index.php; | |
| charset utf-8; | |
| ## SSL settings | |
| ssl_certificate /etc/nginx/ssl/ecdsa/ssl.crt; | |
| ssl_certificate_key /etc/nginx/ssl/ecdsa/ssl.key; | |
| ssl_protocols TLSv1.2; | |
| ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4"; | |
| ssl_prefer_server_ciphers on; | |
| ssl_session_cache shared:SSL:10m; | |
| ssl_session_timeout 10m; | |
| ssl_ecdh_curve secp521r1; | |
| add_header Strict-Transport-Security max-age=31536000; | |
| # add_header X-Frame-Options DENY; | |
| # auth_basic "Restricted area"; | |
| # auth_basic_user_file /etc/nginx/passwd; | |
| location / { | |
| try_files $uri $uri/ index.php; | |
| } | |
| location ~* \.php$ { | |
| try_files $uri =404; | |
| fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
| include fastcgi_params; | |
| fastcgi_pass unix:/run/php-fpm/php-fpm.sock; | |
| fastcgi_index index.php; | |
| } | |
| } |