|
@@ -20,9 +20,9 @@ server {
|
20
|
20
|
server_name gang.moe;
|
21
|
21
|
server_tokens off;
|
22
|
22
|
|
23
|
|
- ssl_certificate /path/to/your/fullchain.pem;
|
24
|
|
- ssl_certificate_key /path/to/your/privkey.pem;
|
25
|
|
- ssl_trusted_certificate /path/to/your/fullchain.pem;
|
|
23
|
+ ssl_trusted_certificate /root/.acme.sh/gang.mù_ecc/ca.cer;
|
|
24
|
+ ssl_certificate /root/.acme.sh/gang.mù_ecc/fullchain.cer;
|
|
25
|
+ ssl_certificate_key /root/.acme.sh/gang.mù_ecc/waifu.social.key;
|
26
|
26
|
|
27
|
27
|
# Add TLSv1.0 to support older devices
|
28
|
28
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
@@ -34,7 +34,7 @@ server {
|
34
|
34
|
# leave only prime256v1 or comment out the following line.
|
35
|
35
|
ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
|
36
|
36
|
ssl_stapling on;
|
37
|
|
- ssl_stapling_verify o
|
|
37
|
+ ssl_stapling_verify on;
|
38
|
38
|
|
39
|
39
|
client_max_body_size 200M; # Change this to the max file size you want to allow
|
40
|
40
|
|