From 4a590756c4c8f885386431914cdaaad64bc8113e Mon Sep 17 00:00:00 2001
From: stubbfel <git@stubbe.rocks>
Date: Sun, 11 Feb 2018 15:44:16 +0100
Subject: [PATCH] enable tls 1.0 and 1.1

---
 services/nginx.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/services/nginx.nix b/services/nginx.nix
index d5f1a6b..238e048 100644
--- a/services/nginx.nix
+++ b/services/nginx.nix
@@ -7,6 +7,8 @@ networking.firewall.allowedTCPPorts = [80 443];
 
 services.nginx = {
         enable = true;
+	sslProtocols = "TLSv1 TLSv1.1 TLSv1.2";
+#	sslCiphers = "DHE+RSA+AES128+SHA:EECDH+aRSA+AESGCM:EDH+aRSA:EECDH+aRSA:+AES256:+AES128:+SHA1:!CAMELLIA:!SEED:!3DES:!DES:!RC4:!eNULL";
         recommendedGzipSettings = true;
         recommendedOptimisation = true;
         recommendedProxySettings = true;