From 7b09546c45029e07f3169775eb2a50fa68b6228f Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler <sebastian@vanwa.ch>
Date: Tue, 16 Aug 2016 14:48:18 +0200
Subject: [PATCH] try nginx ssl

---
 rootfs/etc/confd/templates/nginx.conf.tmpl | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/rootfs/etc/confd/templates/nginx.conf.tmpl b/rootfs/etc/confd/templates/nginx.conf.tmpl
index 22003c5..038cc05 100644
--- a/rootfs/etc/confd/templates/nginx.conf.tmpl
+++ b/rootfs/etc/confd/templates/nginx.conf.tmpl
@@ -23,6 +23,11 @@ http {
         # List port
         listen {{"{{"}}GIN_PORT{{"}}"}};
 
+        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+        ssl_certificate /etc/ssl/nginx/fullchain.pem;
+        ssl_certificate_key /etc/ssl/nginx/privkey.key;
+        ssl_ciphers HIGH:!aNULL:!MD5;
+
         keepalive_timeout 70;
 
         # Access log with buffer, or disable it completetely if unneeded