Nginx Kit

Start

git clone https://git.forge.st/ops/nginx-kit.git /opt/nginx-kit
ln -s /opt/nginx-kit /etc/nginx/kit

Usage

In server block:

server {
	# ...
	include snippets/cert/mydomain.com.conf;
	include	kit/ssl/security.conf;
	include	kit/ssl/hsts.conf;
	include	kit/ssl/force.conf;
	# ...
}

Tamplates

SSL Certs

cd /etc/nginx
mkdir snippets/cert
cp kit/templates/cert/example.com.conf snippets/cert/mydomain.com.conf
vi snippets/cert/mydomain.com.conf

Replace the path with yours, then include in your server block:

server {
	# ...
	include snippets/cert/mydomain.com.conf;
	include kit/ssl/security.conf;
	include kit/ssl/hsts.conf;
	# ...
}

SSL snippets

• kit/ssl/security.conf: TLS protocol and session resumption settings.
• kit/ssl/hsts.conf: HSTS header for HTTPS responses.
• kit/ssl/force.conf: Redirect HTTP requests to HTTPS.