Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/roles/common/meta/main.yml - annotation
8d272d91d3d2
558 B
text/x-yaml
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
0f817823bed7 0f817823bed7 0f817823bed7 b2cbf5050e57 d5252677bcb0 7742feee3781 d5252677bcb0 f454072704fa f454072704fa f454072704fa 4b964a31bd96 4b964a31bd96 4b964a31bd96 4b964a31bd96 4b964a31bd96 c91c9e52484e c91c9e52484e c91c9e52484e c91c9e52484e c91c9e52484e c91c9e52484e c91c9e52484e c91c9e52484e c91c9e52484e c91c9e52484e 325b9d16a72b | ---
dependencies:
- role: backup
when: enable_backup
backup_patterns_filename: common
backup_patterns:
- "/var/log"
- "/etc/shadow"
- "/var/mail"
- "/var/spool/cron"
- role: backup
when: enable_backup
backup_patterns_filename: common_extra
backup_patterns: "{{ extra_backup_patterns }}"
galaxy_info:
author: Branko Majic
description: Apply common configuration and hardening on server
license: BSD
min_ansible_version: 2.9
platforms:
- name: Debian
versions:
- 9
- 10
|