radityo/ansible-nginx
1
0
Fork 0
mirror of https://github.com/HanXHX/ansible-nginx.git synced 2026-02-24 09:03:29 +07:00
Code Issues Projects Releases Wiki Activity

Fix deprecations (#35)

Browse Source 
* Drop Nagios support
* Fix start PHP-FPM on Docker
* Fix deprecations on Ansible 2.7

- with_ -> loop
- fix filters as test
- test version_compare -> version
- set min_version to 2.5
This commit is contained in:
Emilien M
2019-01-24 11:05:46 +01:00
committed by GitHub
parent 87c1c68949
commit 8218e5c972
25 changed files with 71 additions and 191 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
templates/etc/nginx/helper/ssl-legacy.j2
View File

@@ -3,10 +3,10 @@
#
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2{% if nginx_version.stdout | version_compare('1.13.0', 'ge') %} TLSv1.3{% endif %};
ssl_protocols TLSv1 TLSv1.1 TLSv1.2{% if nginx_version.stdout is version('1.13.0', 'ge') %} TLSv1.3{% endif %};
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout | version_compare('1.7.5', 'ge') %} always{% endif %};
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout is version('1.7.5', 'ge') %} always{% endif %};
ssl_stapling on;
ssl_stapling_verify on;
resolver {{ nginx_resolver_hosts | join(' ') }} valid={{ nginx_resolver_valid }};

4
templates/etc/nginx/helper/ssl-strong.j2
View File

@@ -3,10 +3,10 @@
#
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2{% if nginx_version.stdout | version_compare('1.13.0', 'ge') %} TLSv1.3{% endif %};
ssl_protocols TLSv1 TLSv1.1 TLSv1.2{% if nginx_version.stdout is version('1.13.0', 'ge') %} TLSv1.3{% endif %};
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout | version_compare('1.7.5', 'ge') %} always{% endif %};
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout is version('1.7.5', 'ge') %} always{% endif %};
ssl_stapling on;
ssl_stapling_verify on;
resolver {{ nginx_resolver_hosts | join(' ') }} valid={{ nginx_resolver_valid }};