From 13e7f06d5d1f9cd2a64994454de2c1f280d33632 Mon Sep 17 00:00:00 2001
From: nutra-bot <nutradigest@gmail.com>
Date: Tue, 18 Apr 2023 20:14:09 +0000
Subject: [PATCH] add resolver with google DNS, see:

    https://scotthelme.co.uk/ocsp-stapling-speeding-up-ssl/
---
 etc/nginx/conf.d/default.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/etc/nginx/conf.d/default.conf b/etc/nginx/conf.d/default.conf
index 4aef525..a04c9c2 100644
--- a/etc/nginx/conf.d/default.conf
+++ b/etc/nginx/conf.d/default.conf
@@ -22,6 +22,8 @@ server {
   ssl_stapling on;
   ssl_stapling_verify on;
   ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
+  resolver 8.8.8.8 8.8.4.4 valid=300s;
+  resolver_timeout 10s;
   # ssl_protocols TLSv1 TLSv1.1; # support legacy browsers
   # ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
 
-- 
2.52.0