Files @ ab20d5b216c4
Branch filter:

Location: majic-ansible-roles/roles/web_server/defaults/main.yml

ab20d5b216c4 864 B text/x-yaml Show Annotation Show as Raw Download as Raw
branko
MAR-192: Added support for Debian 12 Bookworm to web_server role:

- Some tweaks had to be done to test the TLS, but it would be useful
to revisit the TLS configuration in general in the future, and to
modernise it for TLSv1.2 and TLSv1.3, especially once the supports
for Debian 11 Bullseye is dropped.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
---

environment_indicator: null

web_default_title: "Welcome"
web_default_message: "You are attempting to access the web server using a wrong name or an IP address. Please check your URL."
web_server_tls_protocols:
  - "TLSv1.2"
web_server_tls_ciphers: "\
DHE-RSA-AES128-GCM-SHA256:\
DHE-RSA-AES256-GCM-SHA384:\
DHE-RSA-CHACHA20-POLY1305:\
ECDHE-RSA-AES128-GCM-SHA256:\
ECDHE-RSA-AES256-GCM-SHA384:\
ECDHE-RSA-CHACHA20-POLY1305:\
!aNULL:!MD5:!EXPORT"

# Internal parameters
php_fpm_service_name_per_release:
  bullseye: "php7.4-fpm"
  bookworm: "php8.2-fpm"

php_base_config_dir_per_release:
  bullseye: "/etc/php/7.4"
  bookworm: "/etc/php/8.2"

php_fpm_package_name: "php-fpm"
php_fpm_service_name: "{{ php_fpm_service_name_per_release[ansible_distribution_release] }}"
php_base_config_dir: "{{ php_base_config_dir_per_release[ansible_distribution_release] }}"
This site is powered by Kallithea 0.7.0, which is © 2010–2023 by various authors & licensed under GPLv3.