Interanet/jitsi-meet-deployment
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
343 Commits 1 Branch 0 Tags
eedac14370e49e5c746efd6956ff5799ea2cd657
Commit Graph

10 Commits

Author SHA1 Message Date
Saúl Ibarra Corretgé
4cb181c1b2 web: install acme certs to persistent storage 2020-12-04 15:17:48 +01:00
Jonathan Lennox
b0cb4a1846 web: update TLS config to Mozilla security guidelines 2020-12-02 23:20:15 +01:00
Saúl Ibarra Corretgé
06012127e9 web: replace certbot with acme.sh 
The former seems to be in a pretty bad state for usage with Debian based
containers:

- The Debian provided package is too old
- certbot-auto no longer works on Debian
- The recommended way of using snap is not Docker friendly

Thus, we are migrating to acme.sh, which has the advantage of also
making the web container slimmer.
 2020-12-02 16:03:17 +01:00
Jakub Onderka
2a0120de8b web: set security headers also for non HTTPS 
Fixes: #493
 2020-07-22 17:23:23 +02:00
Hanno Böck
dc46215600 web: remove DHE suites support 
Ref: https://github.com/jitsi/docker-jitsi-meet/issues/433
 2020-04-14 16:59:19 +02:00
Saúl Ibarra Corretgé
30c425811e misc: fix handling boolean values 
Fixes: https://github.com/jitsi/docker-jitsi-meet/issues/30
 2019-01-28 23:11:03 +01:00
netaskd
072fb9d9d1 web: add strong ssl_ciphers and headers 2018-12-10 08:43:01 +01:00
netaskd
7c6c6bcefb web: enable ssl_protocol TLSv1.2 only 2018-12-04 19:56:09 +01:00
Saúl Ibarra Corretgé
f61ef3f093 web: add builtin Let's Encrypt support 2018-11-07 14:02:36 +01:00
Saúl Ibarra Corretgé
415f10406f web: split TLS configuration and make it stronger 
Resources:

- https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
- https://weakdh.org/sysadmin.html
 2018-11-07 10:08:09 +01:00