Fix for ignored ssl_protocols and ssl_ciphers directive in conf.d/include/ssl-ciphers.conf

nietzscheanic · web-flow · commit 81054631f9e4 · 2023-05-19T14:13:29.000+02:00
nginx only uses the `ssl_protocols` directive in the `server{}` block of the first processed host config, which is the default config in `/etc/nginx/conf.d/default.conf`. in version `v2.9.20` the default ssl site was dropped by using `ssl_reject_handshake on` in the default host config. but beside the include of `conf.d/include/ssl-ciphers.conf` was removed from the default host config. that's why `tlsv1.3` isn't applied by default anymore, same thing with the defined cipher suites. npm is so broken since `2023-03-16`. commit that broke the config -> NginxProxyManager@a7f0c3b
diff --git a/docker/rootfs/etc/nginx/conf.d/default.conf b/docker/rootfs/etc/nginx/conf.d/default.conf
@@ -32,6 +32,7 @@ server {
 	server_name localhost;
 	access_log /data/logs/fallback_access.log standard;
 	error_log /dev/null crit;
+	include conf.d/include/ssl-ciphers.conf;
 	ssl_reject_handshake on;
 
 	return 444;
