Diffusion Ansible Setup for KDE ab4c6ebd31b4

Add Apache config for newer distros
ab4c6ebd31b4
Actions

Authored by nalvarez on May 22 2020, 2:47 AM.

Description

Add Apache config for newer distros

The previous version of secure-ssl.conf in this repo was only for older
systems, it used an old set of allowed SSL protocols and ciphers. This
commit adds the config used on newer servers, checking the distro version
to see which config to use.

The only exceptions are library and stumptown, which have newer versions
of Apache and OpenSSL, but use the older SSL config. I added a hostvar to
formalize this deviation, but we should probably make them use the newer
config too. I just didn't want to change anything with this playbook,
only document the current state.

Details

Committed
nalvarezMay 22 2020, 2:47 AM
Parents
R897:f370019c9cfa: Make an 'apache' group instead of listing hosts in the playbook
Branches
Unknown
Tags
Unknown

Changes (4)

PathPackages
Mproduction/host_vars/library.kde.org.yml
Mproduction/host_vars/stumptown.kde.org.yml
Mproduction/hosts
Mroles/apache/templates/secure-ssl.conf

R897:ab4c6ebd31b4

View Options

production/host_vars/library.kde.org.yml

Loading...
View Options

production/host_vars/stumptown.kde.org.yml

Loading...
View Options

production/hosts

Loading...
View Options

roles/apache/templates/secure-ssl.conf

Loading...