diff options
| author | EuAndreh <eu@euandre.org> | 2024-05-09 11:26:55 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2024-05-09 11:26:55 -0300 |
| commit | 3ff6036346703bd04994c87c2dc4e86fe8d5df44 (patch) | |
| tree | 4daed3be5a71f40e1c1e192b9866a8997076186b | |
| parent | Stop using secret NGINX configuration (diff) | |
| download | toph-3ff6036346703bd04994c87c2dc4e86fe8d5df44.tar.gz toph-3ff6036346703bd04994c87c2dc4e86fe8d5df44.tar.xz | |
system.scm: Stick to TLSv1.3 only
| -rw-r--r-- | src/infrastructure/guix/system.scm | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/src/infrastructure/guix/system.scm b/src/infrastructure/guix/system.scm index ab44194..5ff5e37 100644 --- a/src/infrastructure/guix/system.scm +++ b/src/infrastructure/guix/system.scm @@ -413,9 +413,7 @@ "#))))) (raw-content '(#"- - # BearSSL still doesn't TLSv1.3, so we deem TLSv1.2 as - # acceptable - ssl_protocols TLSv1.2 TLSv1.3; + ssl_protocols TLSv1.3; ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH; ssl_prefer_server_ciphers on; gzip off; # Disable compression altogether due to BREACH |