Download:
child 264:a4140e0a7368
parent 262:93ad22d1825d
263:c92c3639acf3
Anton Shestakov <av6@dwimlabs.net>, Fri, 16 Dec 2016 11:23:21 +0800
provision: skip generating a custom dhparams file to save on deployment time

4 файлов изменено, 0 вставок(+), 24 удалений(-) [+]
contrib/provision/roles/nginx/tasks/main.yml file | annotate | diff | comparison | revisions
contrib/provision/roles/prosody/tasks/main.yml file | annotate | diff | comparison | revisions
contrib/provision/roles/tram-im/templates/etc/nginx/sites-available/tram-im file | annotate | diff | comparison | revisions
contrib/provision/roles/tram-im/templates/etc/prosody/conf.avail/tram-im.cfg.lua file | annotate | diff | comparison | revisions
--- a/contrib/provision/roles/nginx/tasks/main.yml Tue Dec 13 13:23:03 2016 +0800
+++ b/contrib/provision/roles/nginx/tasks/main.yml Fri Dec 16 11:23:21 2016 +0800
@@ -14,17 +14,6 @@
notify:
- restart nginx
-- name: Create a Diffie-Hellman key exchange parameters file
- command: >
- openssl dhparam
- {% if ansible_virtualization_type == "virtualbox" %}-dsaparam{% endif %}
- -out /etc/nginx/dh-2048.pem
- 2048
- args:
- creates: /etc/nginx/dh-2048.pem
- notify:
- - restart nginx
-
- name: Allow HTTP and HTTPS
ufw:
rule: allow
--- a/contrib/provision/roles/prosody/tasks/main.yml Tue Dec 13 13:23:03 2016 +0800
+++ b/contrib/provision/roles/prosody/tasks/main.yml Fri Dec 16 11:23:21 2016 +0800
@@ -14,17 +14,6 @@
sudo: yes
sudo_user: prosody
-- name: Generate a Diffie-Hellman key exchange parameters file
- command: >
- openssl dhparam
- {% if ansible_virtualization_type == "virtualbox" %}-dsaparam{% endif %}
- -out /etc/prosody/dh-2048.pem
- 2048
- args:
- creates: /etc/prosody/dh-2048.pem
- notify:
- - restart prosody
-
- name: Work around default config bug
file:
src: ../../ssl/certs/ssl-cert-snakeoil.pem
--- a/contrib/provision/roles/tram-im/templates/etc/nginx/sites-available/tram-im Tue Dec 13 13:23:03 2016 +0800
+++ b/contrib/provision/roles/tram-im/templates/etc/nginx/sites-available/tram-im Fri Dec 16 11:23:21 2016 +0800
@@ -22,7 +22,6 @@
ssl_certificate {{ ssl_cert }};
ssl_certificate_key {{ ssl_key }};
- ssl_dhparam /etc/nginx/dh-2048.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
--- a/contrib/provision/roles/tram-im/templates/etc/prosody/conf.avail/tram-im.cfg.lua Tue Dec 13 13:23:03 2016 +0800
+++ b/contrib/provision/roles/tram-im/templates/etc/prosody/conf.avail/tram-im.cfg.lua Fri Dec 16 11:23:21 2016 +0800
@@ -10,7 +10,6 @@
ssl = {
certificate = "{{ ssl_cert }}";
key = "{{ ssl_key }}";
- dhparam = "/etc/prosody/dh-2048.pem";
}
modules_enabled = {