diff --git a/config/common/nginx.nix b/config/common/nginx.nix
new file mode 100644
index 0000000..6d4465d
--- /dev/null
+++ b/config/common/nginx.nix
@@ -0,0 +1,26 @@
+# Common nginx configuration.
+# Sources for this configuration:
+# - https://nixos.wiki/wiki/Nginx
+# - Julians nginx Ansible role
+
+{ config, pkgs, ... }:
+
+{
+  services.nginx = {
+    # See here:
+    # - https://github.com/NixOS/nixpkgs/blob/2809915f19bd120f840bea27fbf915a546c08878/nixos/modules/services/web-servers/nginx/default.nix#L178
+    # apparently follows:
+    # - https://ssl-config.mozilla.org/
+    recommendedTlsSettings = true;
+    # See here:
+    # - https://github.com/NixOS/nixpkgs/blob/2809915f19bd120f840bea27fbf915a546c08878/nixos/modules/services/web-servers/nginx/default.nix#L203
+    # - https://docs.nginx.com/nginx/admin-guide/web-server/compression/
+    recommendedGzipSettings = true;
+    # See here:
+    # - https://github.com/NixOS/nixpkgs/blob/2809915f19bd120f840bea27fbf915a546c08878/nixos/modules/services/web-servers/nginx/default.nix#L166
+    recommendedOptimisation = true;
+    # See here:
+    # - https://github.com/NixOS/nixpkgs/blob/2809915f19bd120f840bea27fbf915a546c08878/nixos/modules/services/web-servers/nginx/default.nix#L223
+    recommendedProxySettings = true;
+  };
+}