- improve cdist type

- support for basic Nginx config under Centos and Debian
- improve security feature under Nginx
- support for Let's Encrypt
- support for SSL

files/nginx-header-https-letsencrypt

@@ -0,0 +1,25 @@
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    ssl_certificate         /etc/nginx/ssl.crt;
+    ssl_certificate_key     /etc/nginx/ssl.key;
+    ssl_dhparam             /etc/nginx/dhparam.pem;
+
+    # OCSP 
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    ssl_trusted_certificate /etc/nginx/chain.pem;
+
+    # Chipers    
+    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
+    ssl_ciphers EECDH+AESGCM:EDH+AESGCM:EECDH:EDH:!MD5:!RC4:!LOW:!MEDIUM:!CAMELLIA:!ECDSA:!DES:!DSS:!3DES:!NULL; 
+    ssl_prefer_server_ciphers on;
+    ssl_ecdh_curve secp384r1;
+    
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
+    
+    # Session resumption
+    ssl_session_timeout 10m;
+    ssl_session_cache off;
+    ssl_session_tickets on;
+    ssl_session_ticket_key /etc/nginx/nginx-ticketkey;