nixpkgs

mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-25 16:33:15 +00:00

History

Vincent Bernat 1251b34b5b nixos/nginx: ensure TLS OCSP stapling works out of the box with LE The recommended TLS configuration comes with `ssl_stapling on` and `ssl_stapling_verify on`. However, this last directive also requires the use of `ssl_trusted_certificate` to verify the received answer. When using `enableACME` or similar, we can help the user by providing the correct value for the directive. The result can be tested with: openssl s_client -connect web.example.com:443 -status 2> /dev/null Without OCSP stapling, we get: OCSP response: no response sent After this change, we get: OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 Produced At: Aug 30 20:46:00 2018 GMT		2018-08-30 22:47:41 +02:00
..
doc	nixos docs: add release notes for nix 2.0 requiremnt bump	2018-08-30 08:52:43 -04:00
lib	Merge pull request #43736 from volth/patch-208	2018-08-26 01:28:12 +02:00
maintainers	create-amis.sh: Change directory for AMIs	2018-07-24 21:19:14 +02:00
modules	nixos/nginx: ensure TLS OCSP stapling works out of the box with LE	2018-08-30 22:47:41 +02:00
tests	nixos/tests/i3wm: prevent non-deterministic failure (#45759 )	2018-08-29 19:38:35 +02:00
COPYING
default.nix	nixos: export packages of the current configuration (its `pkgs` argument)	2018-02-09 19:35:27 +00:00
README
release-combined.nix	nixos/release-combined: remove keymap tests from tested job	2018-06-06 21:02:55 +02:00
release-small.nix	Add the boot test to release-small.nix	2018-02-27 20:09:07 +01:00
release.nix	systemd: ensure fsck Requires/After links are created in mount units	2018-08-28 17:12:49 +02:00

README

*** NixOS ***

NixOS is a Linux distribution based on the purely functional package
management system Nix.  More information can be found at
http://nixos.org/nixos and in the manual in doc/manual.