modified

volumes/conf.d/code.zinomedia.de.conf

@@ -10,12 +10,12 @@ server {
     ssl_certificate_key /etc/letsencrypt/live/code.zinomedia.de/privkey.pem;
 
     # SSL Optimizations
-    ssl_protocols TLSv1.2 TLSv1.3;
+    #ssl_protocols TLSv1.2 TLSv1.3;
-    ssl_session_cache shared:SSL:10m;
+    #ssl_session_cache shared:SSL:10m;
-    ssl_session_timeout 10m;
+    #ssl_session_timeout 10m;
-    ssl_prefer_server_ciphers on;
+    #ssl_prefer_server_ciphers on;
 
-    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
     add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:;" always;
 
     # Vouch
@@ -57,7 +57,7 @@ server {
         #proxy_pass $upstream;
 
         # redirect to Vouch Proxy for login
-        return 302 https://vouch.armos.zinomedia.de:9090/login?url=$scheme://$http_host$request_uri&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err;
+        return 302 https://vouch.armos.zinomedia.de/login?url=$scheme://$http_host$request_uri&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err;
     }
 
 

volumes/conf.d/vouch.armos.zinomedia.de.conf

@@ -10,11 +10,11 @@ server {
     ssl_certificate_key /etc/letsencrypt/live/vouch.armos.zinomedia.de/privkey.pem;
 
     # SSL Optimizations
-    ssl_protocols TLSv1.2 TLSv1.3;
+    #ssl_protocols TLSv1.2 TLSv1.3;
-    ssl_session_cache shared:SSL:10m;
+    #ssl_session_cache shared:SSL:10m;
-    ssl_session_timeout 10m;
+    #ssl_session_timeout 10m;
 
-    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
 
     location / {
         #resolver 127.0.0.11;