diff --git a/nginx/Dockerfile b/nginx/Dockerfile index fea4f87..bde8936 100644 --- a/nginx/Dockerfile +++ b/nginx/Dockerfile @@ -11,6 +11,10 @@ ENV CERTIFICATE_PATH /etc/nginx/certs/req.pem ENV CERTIFICATE_KEY_PATH /etc/nginx/certs/cert.key ENV SSL_PROTOCOLS TLSv1.2 TLSv1.3 ENV SSL_CIPHERS ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 +ENV CLIENT_BODY_BUFFER_SIZE 1K +ENV CLIENT_HEADER_BUFFER_SIZE 1k +ENV CLIENT_MAX_BODY_SIZE 1k +ENV LARGE_CLIENT_HEADER_BUFFERS 2 1k # Create sensible CERTS RUN mkdir /etc/nginx/certs diff --git a/nginx/root.conf b/nginx/root.conf index 11687a1..47756d3 100644 --- a/nginx/root.conf +++ b/nginx/root.conf @@ -24,10 +24,10 @@ server { # resolver 127.0.0.1; # DDoS - client_body_buffer_size 1K; - client_header_buffer_size 1k; - client_max_body_size 1k; - large_client_header_buffers 2 1k; + client_body_buffer_size ${CLIENT_BODY_BUFFER_SIZE}; + client_header_buffer_size ${CLIENT_HEADER_BUFFER_SIZE}; + client_max_body_size ${CLIENT_MAX_BODY_SIZE}; + large_client_header_buffers ${LARGE_CLIENT_HEADER_BUFFERS}; location / { root /var/www/html;