From 280733bd93af564f84c3bb7bc045d00a5af25588 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Mon, 8 Aug 2016 16:05:10 +0200
Subject: use inline TLS config everywhere, enable includeSubDomains directive

---
 etc/nginx/sites-enabled/lcov-ssl.site | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

(limited to 'etc/nginx/sites-enabled/lcov-ssl.site')

diff --git a/etc/nginx/sites-enabled/lcov-ssl.site b/etc/nginx/sites-enabled/lcov-ssl.site
index e3f313d..0620bfe 100644
--- a/etc/nginx/sites-enabled/lcov-ssl.site
+++ b/etc/nginx/sites-enabled/lcov-ssl.site
@@ -8,15 +8,7 @@ server {
 	# Make site accessible from http://localhost/
 	server_name lcov.taler.net;
 	server_name www.lcov.taler.net;
-	ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem;
-	ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem;
-	ssl_prefer_server_ciphers on;
-        ssl_session_cache shared:SSL:10m;
-        ssl_dhparam /etc/ssl/certs/dhparam.pem;
-	ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
-	ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
-
-	add_header Strict-Transport-Security "max-age=63072000; preload";
+        include conf.d/talerssl;
 
 	location / {
 	    autoindex on;
-- 
cgit v1.2.3