better nginx config

File download domain should not use HTTP/2, HTTP/1 is usually a tad faster at delivering downloads.
This commit is contained in:
nokonoko 2021-06-23 13:13:08 +02:00
parent 03a91b2a85
commit 9983c2dc93
3 changed files with 11 additions and 8 deletions

View File

@ -1,10 +1,15 @@
server{
listen 443 ssl http2;
listen 443 ssl;
server_name A.Y www.A.Y;
ssl on;
ssl_certificate /etc/letsencrypt/live/A.Y/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/A.Y/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_ecdh_curve secp384r1;
ssl_buffer_size 4k;
ssl_session_tickets off;
ssl_session_timeout 24h;
root /var/www/uguu/files/;
autoindex off;

View File

@ -7,8 +7,9 @@ ssl_certificate_key /etc/letsencrypt/live/X.Y/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_ecdh_curve secp384r1;
ssl_buffer_size 2k;
ssl_buffer_size 4k;
ssl_session_tickets off;
ssl_session_timeout 24h;
root /var/www/uguu/dist/;
autoindex off;
@ -16,9 +17,9 @@ access_log off;
index index.html index.php;
etag on;
location ~* \.(?:css|js|jpg|jpeg|gif|png|ico|xml|eot|woff|woff2|ttf|svg|otf)$ {
add_header Cache-Control "public";
expires 30d;
location ~* \.(css|js|jpg|jpeg|gif|png|ico|xml|eot|woff|woff2|ttf|svg|otf|x-icon|avif|webp|apng|min.js|min.css)$ {
add_header Cache-Control "public";
expires 30d;
}
gzip on;

View File

@ -12,9 +12,6 @@ events {
}
http {
ssl_session_cache shared:SSL:5m;
ssl_session_timeout 12h;
ssl_session_tickets off;
##
# Basic Settings