Format & Clean

snippets/fastcgi-php.conf

@@ -1,13 +0,0 @@
-# regex to split $uri to $fastcgi_script_name and $fastcgi_path
-fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-
-# Check that the PHP script exists before passing it
-try_files $fastcgi_script_name =404;
-
-# Bypass the fact that try_files resets $fastcgi_path_info
-# see: http://trac.nginx.org/nginx/ticket/321
-set $path_info $fastcgi_path_info;
-fastcgi_param PATH_INFO $path_info;
-
-fastcgi_index index.php;
-include fastcgi.conf;

snippets/snakeoil.conf

@@ -1,5 +0,0 @@
-# Self signed certificates generated by the ssl-cert package
-# Don't use them in a production server!
-
-ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
-ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

snippets/ssl.conf

@@ -1,15 +0,0 @@
-ssl_session_timeout 1d;
-ssl_session_cache shared:SSL:50m;
-ssl_session_tickets off;
-
-ssl_protocols TLSv1.2;
-ssl_ciphers EECDH+AESGCM:EECDH+AES;
-ssl_ecdh_curve secp384r1;
-ssl_prefer_server_ciphers on;
-
-ssl_stapling on;
-ssl_stapling_verify on;
-
-add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
-add_header X-Frame-Options DENY;
-add_header X-Content-Type-Options nosniff;

snippets/ssl_options.conf

@@ -1,9 +1,15 @@
 ssl_session_timeout 1d;
+ssl_session_cache shared:SSL:50m;
+ssl_session_tickets off;
+
 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
 ssl_prefer_server_ciphers on;
 ssl_dhparam /etc/ssl/certs/dhparam.pem;
-ssl_session_cache shared:SSL:50m; 
+
 ssl_stapling on;
 ssl_stapling_verify on;
+
 add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
+add_header X-Frame-Options DENY;
+add_header X-Content-Type-Options nosniff;