Format & Clean

sites-available/default

@@ -19,7 +19,6 @@ server {
   sendfile on;
   send_timeout 600s;
 
-
   location / {
     proxy_pass http://192.168.2.1/;
     proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;

snippets/fastcgi-php.conf

@@ -1,13 +0,0 @@
-# regex to split $uri to $fastcgi_script_name and $fastcgi_path
-fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-
-# Check that the PHP script exists before passing it
-try_files $fastcgi_script_name =404;
-
-# Bypass the fact that try_files resets $fastcgi_path_info
-# see: http://trac.nginx.org/nginx/ticket/321
-set $path_info $fastcgi_path_info;
-fastcgi_param PATH_INFO $path_info;
-
-fastcgi_index index.php;
-include fastcgi.conf;

snippets/snakeoil.conf

@@ -1,5 +0,0 @@
-# Self signed certificates generated by the ssl-cert package
-# Don't use them in a production server!
-
-ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
-ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

snippets/ssl.conf

@@ -1,15 +0,0 @@
-ssl_session_timeout 1d;
-ssl_session_cache shared:SSL:50m;
-ssl_session_tickets off;
-
-ssl_protocols TLSv1.2;
-ssl_ciphers EECDH+AESGCM:EECDH+AES;
-ssl_ecdh_curve secp384r1;
-ssl_prefer_server_ciphers on;
-
-ssl_stapling on;
-ssl_stapling_verify on;
-
-add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
-add_header X-Frame-Options DENY;
-add_header X-Content-Type-Options nosniff;

snippets/ssl_options.conf

@@ -1,9 +1,15 @@
 ssl_session_timeout 1d;
+ssl_session_cache shared:SSL:50m;
+ssl_session_tickets off;
+
 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
 ssl_prefer_server_ciphers on;
 ssl_dhparam /etc/ssl/certs/dhparam.pem;
-ssl_session_cache shared:SSL:50m; 
+
 ssl_stapling on;
 ssl_stapling_verify on;
+
 add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
+add_header X-Frame-Options DENY;
+add_header X-Content-Type-Options nosniff;