Roll out new cipher suites
This commit is contained in:
parent
00b88ad647
commit
d7f34587be
@ -1,3 +1,4 @@
|
||||
#!/usr/bin/ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
backups_outdir: "/cold/backups"
|
||||
ssl_cipher_suite: "!SHA1:!SHA256:!SHA384"
|
||||
|
@ -14,6 +14,7 @@ SSLStrictSNIVHostCheck off
|
||||
SSLCertificateFile /etc/pki/cert/crt/{{ dokuwiki_url }}.crt
|
||||
SSLCertificateKeyFile /etc/pki/cert/private/{{ dokuwiki_url }}.key
|
||||
SSLCertificateChainFile /etc/pki/cert/crt/{{ dokuwiki_url}}-fullchain.crt
|
||||
SSLCipherSuite {{ ssl_cipher_suite }}
|
||||
<FilesMatch "\.(cgi|shtml|phtml|php)$">\
|
||||
SSLOptions +StdEnvVars
|
||||
</FilesMatch>
|
||||
|
@ -16,6 +16,7 @@ SSLProxyEngine on
|
||||
SSLCertificateFile /etc/pki/cert/crt/{{ gitea_url }}.crt
|
||||
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea_url }}.key
|
||||
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea_url }}-fullchain.crt
|
||||
SSLCipherSuite {{ ssl_cipher_suite }}
|
||||
ServerName {{ gitea_url }}
|
||||
DocumentRoot {{ gitea_webroot }}
|
||||
<Directory "{{ gitea_webroot }}">
|
||||
|
@ -14,6 +14,7 @@ SSLStrictSNIVHostCheck off
|
||||
SSLCertificateFile /etc/pki/cert/crt/{{ gitlab_url }}.crt
|
||||
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitlab_url }}.key
|
||||
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitlab_url }}-fullchain.crt
|
||||
SSLCipherSuite {{ ssl_cipher_suite }}
|
||||
ServerName {{ gitlab_url }}
|
||||
DocumentRoot {{ gitlab_webroot }}
|
||||
<Directory "{{ gitlab_webroot }}">
|
||||
|
@ -14,6 +14,7 @@ SSLStrictSNIVHostCheck off
|
||||
SSLCertificateFile /etc/pki/cert/crt/{{ gitweb_url }}.crt
|
||||
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitweb_url }}.key
|
||||
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitweb_url}}-fullchain.crt
|
||||
SSLCipherSuite {{ ssl_cipher_suite }}
|
||||
<FilesMatch "\.(cgi|shtml|phtml|php)$">\
|
||||
SSLOptions +StdEnvVars
|
||||
</FilesMatch>
|
||||
|
@ -14,6 +14,7 @@ SSLStrictSNIVHostCheck off
|
||||
SSLCertificateFile /etc/pki/cert/crt/{{ nextcloud_url }}.crt
|
||||
SSLCertificateKeyFile /etc/pki/cert/private/{{ nextcloud_url }}.key
|
||||
SSLCertificateChainFile /etc/pki/cert/crt/{{ nextcloud_url}}-fullchain.crt
|
||||
SSLCipherSuite {{ ssl_cipher_suite }}
|
||||
<FilesMatch "\.(cgi|shtml|phtml|php)$">\
|
||||
SSLOptions +StdEnvVars
|
||||
</FilesMatch>
|
||||
|
Loading…
Reference in New Issue
Block a user