Files @ 8d272d91d3d2
Branch filter:

Location: majic-ansible-roles/roles/xmpp_server/defaults/main.yml - annotation

8d272d91d3d2 363 B text/x-yaml Show Source Show as Raw Download as Raw
branko
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:

- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
e61d502b9d00
e61d502b9d00
2ada86e90026
114f02e67a4d
c95f61f32b67
52c4a4001c46
52c4a4001c46
52c4a4001c46
52c4a4001c46
52c4a4001c46
52c4a4001c46
52c4a4001c46
52c4a4001c46
52c4a4001c46

---

enable_backup: false
xmpp_prosody_package: "prosody-0.11"
xmpp_server_archive_expiration: "never"
xmpp_server_tls_protocol: "tlsv1_2+"
xmpp_server_tls_ciphers: "\
DHE-RSA-AES128-GCM-SHA256:\
DHE-RSA-AES256-GCM-SHA384:\
DHE-RSA-CHACHA20-POLY1305:\
ECDHE-RSA-AES128-GCM-SHA256:\
ECDHE-RSA-AES256-GCM-SHA384:\
ECDHE-RSA-CHACHA20-POLY1305:\
!aNULL:!MD5:!EXPORT"
This site is powered by Kallithea 0.7.0, which is © 2010–2024 by various authors & licensed under GPLv3.