radityo
/
ansible-nginx
mirror of https://github.com/HanXHX/ansible-nginx.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

SSL helper can be disabled

pull/22/head
Emilien Mantel 2016-03-15 12:16:57 +01:00
parent 2ba906be2e
commit ee79ec9845
3 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
doc/vhost.md
View File

@ -26,6 +26,7 @@ Common
- `htpasswd`: (O) References name key in `nginx_htpasswd`. Enable auth basic on all vhost. - `htpasswd`: (O) References name key in `nginx_htpasswd`. Enable auth basic on all vhost.
- `proto`: (O) list of protocol used. Default is a list with "http". If you need http and https, you must set a list with "http" and "https". You can only set "https" without http support. - `proto`: (O) list of protocol used. Default is a list with "http". If you need http and https, you must set a list with "http" and "https". You can only set "https" without http support.
- `ssl_name`: (D) name of the key used when using TLS/SSL. Mandatory when `proto` contains "https" - `ssl_name`: (D) name of the key used when using TLS/SSL. Mandatory when `proto` contains "https"
- `ssl_template` (O) "strong" (default) or "legacy". You can disable SSL helpers and add your own directives by setting "false".
(O): Optional (O): Optional
(M): Mandatory (M): Mandatory

2
templates/etc/nginx/sites-available/_base.j2
View File

@ -34,7 +34,9 @@ server {
listen {{ port }}{% if nginx_default_vhost_ssl == __main_name %} default_server{% endif %} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules %} http2{% endif %}; listen {{ port }}{% if nginx_default_vhost_ssl == __main_name %} default_server{% endif %} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules %} http2{% endif %};
{% endfor %} {% endfor %}
{{ ssl(item.ssl_name) }} {{ ssl(item.ssl_name) }}
{% if item.ssl_template is not defined or item.ssl_template != false %}
include {{ nginx_helper_dir + '/ssl-' + item.ssl_template | default('strong') }}; include {{ nginx_helper_dir + '/ssl-' + item.ssl_template | default('strong') }};
{% endif %}
{% endif %} {% endif %}
server_name {% if item.name is string %}{{ item.name }}{% else %}{{ item.name | join(' ') }}{% endif %}; server_name {% if item.name is string %}{{ item.name }}{% else %}{{ item.name | join(' ') }}{% endif %};
{% block root %} {% block root %}

1
tests/test.yml
View File

@ -174,6 +174,7 @@
ssl_name: 'test-ssl-predeployed.local' ssl_name: 'test-ssl-predeployed.local'
more: more:
- 'add_header X-ansible-default 1;' - 'add_header X-ansible-default 1;'
ssl_template: false
- name: 'test-ssl-redirect.local' - name: 'test-ssl-redirect.local'
proto: ['https'] proto: ['https']
template: '_base' template: '_base'