tengel/www
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

remove OCSP, deprecated with LE

Browse source
This commit is contained in:
tengel 2025-06-18 19:39:57 -05:00
parent e9fb23d752
commit 38ae8b6382
8 changed files with 0 additions and 119 deletions
Download patch file Download diff file Expand all files Collapse all files

28
etc/nginx/sites-available/airlocksix.com.conf
View file

@ -24,13 +24,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/airlocksix.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -62,13 +55,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/airlocksix.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -128,13 +114,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/airlocksix.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -166,13 +145,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/airlocksix.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

14
etc/nginx/sites-available/dwarvenmail.com.conf
View file

@ -20,13 +20,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/dwarvenmail.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -58,13 +51,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/dwarvenmail.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

14
etc/nginx/sites-available/dwarvenruins.com.conf
View file

@ -20,13 +20,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/dwarvenruins.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -58,13 +51,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/dwarvenruins.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

14
etc/nginx/sites-available/dwarvenvault.com.conf
View file

@ -20,13 +20,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/dwarvenvault.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -58,13 +51,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/dwarvenvault.com/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

7
etc/nginx/sites-available/git.xyzzy.ee.conf
View file

@ -27,13 +27,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/git.xyzzy.ee/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
# gitea already adds X-Frame-Options SAMEORIGIN
add_header X-Content-Type-Options "nosniff";

14
etc/nginx/sites-available/tenno.nz.conf
View file

@ -20,13 +20,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/tenno.nz/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -58,13 +51,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/tenno.nz/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

14
etc/nginx/sites-available/xyzzy.ee.conf
View file

@ -20,13 +20,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/xyzzy.ee/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -58,13 +51,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/xyzzy.ee/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

14
etc/nginx/sites-available/xyzzy.fi.conf
View file

@ -27,13 +27,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/xyzzy.fi/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -68,13 +61,6 @@ server {
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/xyzzy.fi/chain.pem;
resolver 9.9.9.9 8.8.8.8 1.1.1.1;
resolver_timeout 5s;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";