From e1d3a0dbbced17b6e280a1d94881bf088dd71108 Mon Sep 17 00:00:00 2001 From: ChK Date: Sat, 14 Feb 2026 10:37:10 +0100 Subject: [PATCH] anpassungen --- letsencrypt/conf/renewal/server.schooltech.ch.conf | 2 +- nginx.conf | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/letsencrypt/conf/renewal/server.schooltech.ch.conf b/letsencrypt/conf/renewal/server.schooltech.ch.conf index 9b37deb..56518ff 100644 --- a/letsencrypt/conf/renewal/server.schooltech.ch.conf +++ b/letsencrypt/conf/renewal/server.schooltech.ch.conf @@ -18,4 +18,4 @@ controller.server.schooltech.ch = /var/www/certbot portainer.server.schooltech.ch = /var/www/certbot simulation3a29.server.schooltech.ch = /var/www/certbot [acme_renewal_info] -ari_retry_after = 2026-02-07T08:36:28 +ari_retry_after = 2026-02-14T07:10:40 diff --git a/nginx.conf b/nginx.conf index 9bdd8b2..0c709a5 100644 --- a/nginx.conf +++ b/nginx.conf @@ -32,6 +32,7 @@ server { ssl_certificate /etc/letsencrypt/live/server.schooltech.ch/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/server.schooltech.ch/privkey.pem; ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; # Einfach Verbindung schließen für unbekannte Hosts return 444; @@ -63,6 +64,9 @@ server { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; + + proxy_buffering off; + proxy_request_buffering off; } # ------------------------------------------------------------ @@ -82,6 +86,10 @@ server { # Security add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + # SSL + tcp_nopush on; + tcp_nodelay on; } # ------------------------------------------------------------