Merge branch 'master' of git.9iron.club:salt/ansible

This commit is contained in:
Salt 2020-06-05 08:04:21 -05:00
commit e6cef1d8fb
13 changed files with 12 additions and 53 deletions

View File

@ -1,4 +1,5 @@
#!/usr/bin/ansible-playbook
# vim:ft=ansible:
backups_outdir: "/cold/backups"
ssl_cipher_suite: "!SHA1:!SHA256:!SHA384"
ssl_protocol: "all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1"
ssl_cipher_suite: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"

View File

@ -106,6 +106,7 @@
- papirus-icon-theme
- pavucontrol-qt
- polybar
- qt5ct
- xbacklight
# Desktop applications
- cantata

View File

@ -14,6 +14,7 @@ SSLStrictSNIVHostCheck off
SSLCertificateFile /etc/pki/cert/crt/{{ dokuwiki_url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ dokuwiki_url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ dokuwiki_url}}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
SSLCipherSuite {{ ssl_cipher_suite }}
<FilesMatch "\.(cgi|shtml|phtml|php)$">\
SSLOptions +StdEnvVars

View File

@ -1,13 +0,0 @@
# Configuration for {{ dokuwiki_url }}
# vim:ft=apache:
# Website configuration
<VirtualHost *:80>
ServerName {{ dokuwiki_url }}
DocumentRoot {{ dokuwiki_webroot }}
<Directory "{{ dokuwiki_webroot }}">
Require all granted
AllowOverride All
Options MultiViews FollowSymlinks
</Directory>
</VirtualHost>

View File

@ -16,6 +16,7 @@ SSLProxyEngine on
SSLCertificateFile /etc/pki/cert/crt/{{ gitea_url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea_url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea_url }}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
SSLCipherSuite {{ ssl_cipher_suite }}
ServerName {{ gitea_url }}
DocumentRoot {{ gitea_webroot }}

View File

@ -14,6 +14,7 @@ SSLStrictSNIVHostCheck off
SSLCertificateFile /etc/pki/cert/crt/{{ gitlab_url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitlab_url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitlab_url }}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
SSLCipherSuite {{ ssl_cipher_suite }}
ServerName {{ gitlab_url }}
DocumentRoot {{ gitlab_webroot }}

View File

@ -1,13 +0,0 @@
# Configuration for {{ gitlab_url }}
# vim:ft=apache:
# Website configuration
<VirtualHost *:80>
ServerName {{ gitlab_url }}
DocumentRoot {{ gitlab_webroot }}
<Directory "{{ gitlab_webroot }}">
Require all granted
AllowOverride All
Options MultiViews FollowSymlinks
</Directory>
</VirtualHost>

View File

@ -14,6 +14,7 @@ SSLStrictSNIVHostCheck off
SSLCertificateFile /etc/pki/cert/crt/{{ gitweb_url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitweb_url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitweb_url}}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
SSLCipherSuite {{ ssl_cipher_suite }}
<FilesMatch "\.(cgi|shtml|phtml|php)$">\
SSLOptions +StdEnvVars

View File

@ -1,13 +0,0 @@
# Configuration for {{ gitweb_url }}
# vim:ft=apache:
# Website configuration
<VirtualHost *:80>
ServerName {{ gitweb_url }}
DocumentRoot {{ gitweb_webroot }}
<Directory "{{ gitweb_webroot }}">
Require all granted
AllowOverride All
Options MultiViews FollowSymlinks
</Directory>
</VirtualHost>

View File

@ -16,6 +16,8 @@ SSLProxyEngine on
SSLCertificateFile /etc/pki/cert/crt/{{ grafana_url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ grafana_url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ grafana_url }}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
SSLCipherSuite {{ ssl_cipher_suite }}
ServerName {{ grafana_url }}
DocumentRoot {{ grafana_webroot }}
<Directory "{{ grafana_webroot }}">

View File

@ -14,6 +14,7 @@ SSLStrictSNIVHostCheck off
SSLCertificateFile /etc/pki/cert/crt/{{ nextcloud_url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ nextcloud_url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ nextcloud_url}}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
SSLCipherSuite {{ ssl_cipher_suite }}
<FilesMatch "\.(cgi|shtml|phtml|php)$">\
SSLOptions +StdEnvVars

View File

@ -1,13 +0,0 @@
# Configuration for {{ nextcloud_url }}
# vim:ft=apache:
# Website configuration
<VirtualHost *:80>
ServerName {{ nextcloud_url }}
DocumentRoot {{ nextcloud_webroot }}
<Directory "{{ nextcloud_webroot }}">
Require all granted
AllowOverride All
Options MultiViews FollowSymlinks
</Directory>
</VirtualHost>

View File

@ -15,6 +15,8 @@ SSLStrictSNIVHostCheck off
SSLCertificateFile /etc/pki/cert/crt/{{ redirect_from }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ redirect_from }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ redirect_from}}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
SSLCipherSuite {{ ssl_cipher_suite }}
ServerName {{ redirect_from }}
Redirect permanent / https://{{ redirect_to }}/
</VirtualHost>