From f119bd7c375adab924ce839f47112e40772059bd Mon Sep 17 00:00:00 2001
From: Chris <bsod@zom.bi>
Date: Thu, 5 Nov 2020 20:41:47 +0100
Subject: [PATCH] update tls options

fixes #39
---
 config/traefik.toml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/config/traefik.toml b/config/traefik.toml
index c72af33..c7a595e 100644
--- a/config/traefik.toml
+++ b/config/traefik.toml
@@ -49,3 +49,17 @@
 [[tls.certificates]]
   certFile = "cert/grun.host.origin.pem"
   keyFile = "cert/grun.host.origin.key"
+
+[tls.options]
+  [tls.options.default]
+    minVersion = "VersionTLS12"
+    cipherSuites = [
+      "TLS_CHACHA20_POLY1305_SHA256",
+      "TLS_AES_128_GCM_SHA256",
+      "TLS_AES_256_GCM_SHA384",
+      "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+      "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+      "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
+    ]
+  [tls.options.mintls13]
+    minVersion = "VersionTLS13"
\ No newline at end of file