Cleanup site-ssl.erb

author Silvio Rhatto <rhatto@riseup.net>

Fri, 17 Jun 2016 20:00:34 +0000 (17:00 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Fri, 17 Jun 2016 20:00:34 +0000 (17:00 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Fri, 17 Jun 2016 20:00:34 +0000 (17:00 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Fri, 17 Jun 2016 20:00:34 +0000 (17:00 -0300)
diff --git a/templates/site-ssl.erb b/templates/site-ssl.erb

index ee9c5c8f33f3250b3499f3595782af2d58777164..55c51d793e7e3da016b6bbe10271dbb0ce421343 100644 (file)
--- a/templates/site-ssl.erb
+++ b/templates/site-ssl.erb
@@ -6,13 +6,6 @@ server {
    ssl_certificate     /etc/letsencrypt/live/<%= @use_fqdn %>/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/<%= @use_fqdn %>/privkey.pem;
  
-  ssl_session_timeout 5m;
-
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  ssl_ciphers ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA;
-  ssl_prefer_server_ciphers on;
-  ssl_dhparam /etc/ssl/dhparams/dhparams_2048.pem;
-
    # enable HSTS header
    add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
author	Silvio Rhatto <rhatto@riseup.net>
	Fri, 17 Jun 2016 20:00:34 +0000 (17:00 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Fri, 17 Jun 2016 20:00:34 +0000 (17:00 -0300)