default domain
server {
listen 80 default_server;
access_log /var/log/nginx/default__access.log main;
error_log /var/log/nginx/default__error.log error;
client_max_body_size 512k;
location / {
return 444;
}
}
vhost
listen 443 ssl;
include ssl/<domain.com>/cert.conf;
# letsencrypt
include ssl/le.conf;
dh param
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096
some info https://gist.github.com/plentz/6737338