ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-08-03 07:53:39 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

enable ssl_early_data, default enable http2, option to enable brotli, fix shellcheck

Browse Source 
Signed-off-by: Zoey <zoey@z0ey.de>
This commit is contained in:
Zoey
2023-01-20 08:09:52 +01:00
parent e0be3a5ea3
commit 45895ac53e
33 changed files with 367 additions and 261 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/package.json
View File

@@ -4,19 +4,19 @@
"description": "A beautiful interface for creating Nginx endpoints",
"main": "js/index.js",
"dependencies": {
"@apidevtools/json-schema-ref-parser": "9.1.0",
"@apidevtools/json-schema-ref-parser": "10.0.1",
"ajv": "6.12.6",
"archiver": "5.3.1",
"batchflow": "0.4.0",
"bcrypt": "5.1.0",
"body-parser": "1.20.1",
"compression": "1.7.4",
"config": "3.3.8",
"config": "3.3.9",
"express": "4.18.2",
"express-fileupload": "1.4.0",
"gravatar": "1.8.2",
"jsonwebtoken": "9.0.0",
"knex": "2.4.0",
"knex": "2.4.1",
"liquidjs": "9.43.0",
"lodash": "4.17.21",
"moment": "2.29.4",

4
backend/templates/_brotli.conf Normal file
View File

@@ -0,0 +1,4 @@
{% if http2_support -%}
# Enable Brotli
include conf.d/include/brotli.conf;
{% endif %}

4
backend/templates/_certificates.conf
View File

@@ -5,15 +5,11 @@
ssl_certificate /data/tls/certbot/live/npm-{{ certificate_id }}/fullchain.pem;
ssl_certificate_key /data/tls/certbot/live/npm-{{ certificate_id }}/privkey.pem;
ssl_trusted_certificate /data/tls/certbot/live/npm-{{ certificate_id }}/chain.pem;
ssl_stapling on;
ssl_stapling_verify on;
{% else %}
# Custom SSL
include conf.d/include/tls-ciphers.conf;
ssl_certificate /data/tls/custom/npm-{{ certificate_id }}/fullchain.pem;
ssl_certificate_key /data/tls/custom/npm-{{ certificate_id }}/privkey.pem;
ssl_trusted_certificate /data/tls/custom/npm-{{ certificate_id }}/chain.pem;
ssl_stapling on;
ssl_stapling_verify on;
{% endif %}
{% endif %}

4
backend/templates/_listen.conf
View File

@@ -2,8 +2,8 @@
listen [::]:80;
{% if certificate %}
listen 443 ssl{% if http2_support %} http2{% endif %};
listen [::]:443 ssl{% if http2_support %} http2{% endif %};
listen 443 ssl http2;
listen [::]:443 ssl http2;
{% if hsts_subdomains %}
listen 443 http3;
listen [::]:443 http3;

1
backend/templates/dead_host.conf
View File

@@ -6,6 +6,7 @@ server {
{% include "_certificates.conf" %}
{% include "_hsts.conf" %}
{% include "_forced_ssl.conf" %}
{% include "_brotli.conf" %}
{{ advanced_config }}
include conf.d/include/acme-challenge.conf;

1
backend/templates/default.conf
View File

@@ -13,6 +13,7 @@ server {
server_name _;
include conf.d/include/brotli.conf;
include conf.d/include/force-ssl.conf;
include conf.d/include/tls-ciphers.conf;
include conf.d/include/acme-challenge.conf;

1
backend/templates/proxy_host.conf
View File

@@ -10,6 +10,7 @@ server {
{% include "_certificates.conf" %}
{% include "_hsts.conf" %}
{% include "_forced_ssl.conf" %}
{% include "_brotli.conf" %}
include conf.d/include/acme-challenge.conf;
include conf.d/include/block-exploits.conf;

1
backend/templates/redirection_host.conf
View File

@@ -6,6 +6,7 @@ server {
{% include "_certificates.conf" %}
{% include "_hsts.conf" %}
{% include "_forced_ssl.conf" %}
{% include "_brotli.conf" %}
{{ advanced_config }}
include conf.d/include/acme-challenge.conf;