26 lines
841 B
Nginx Configuration File
26 lines
841 B
Nginx Configuration File
# This requires the `stream` module. This sections goes on the main
|
|
# nginx.conf or at least outside the `http` section. Run `nginx -t` to
|
|
# test changes.
|
|
stream {
|
|
server {
|
|
# Listen on port 1965, with mandatory TLS.
|
|
listen 1965 ssl;
|
|
|
|
# Run only these protocols.
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
|
|
# Other TLS options could go here.
|
|
|
|
# The variable $ssl_server_name dynamically loads a certificate for
|
|
# any domain name that points to this server.
|
|
#
|
|
# No need to send the full chain since Gemini clients only want to
|
|
# validate the CommonName field.
|
|
ssl_certificate /etc/letsencrypt/live/$ssl_server_name/cert.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/$ssl_server_name/privkey.pem;
|
|
|
|
# After TLS session is started, proxy everything to `gemini`.
|
|
proxy_pass 127.0.0.1:19650;
|
|
}
|
|
}
|