--- a/contrib/provision/roles/nginx/tasks/main.yml Tue Dec 13 13:23:03 2016 +0800
+++ b/contrib/provision/roles/nginx/tasks/main.yml Fri Dec 16 11:23:21 2016 +0800
-- name: Create a Diffie-Hellman key exchange parameters file
- {% if ansible_virtualization_type == "virtualbox" %}-dsaparam{% endif %}
- -out /etc/nginx/dh-2048.pem
- creates: /etc/nginx/dh-2048.pem
- name: Allow HTTP and HTTPS
--- a/contrib/provision/roles/prosody/tasks/main.yml Tue Dec 13 13:23:03 2016 +0800
+++ b/contrib/provision/roles/prosody/tasks/main.yml Fri Dec 16 11:23:21 2016 +0800
-- name: Generate a Diffie-Hellman key exchange parameters file
- {% if ansible_virtualization_type == "virtualbox" %}-dsaparam{% endif %}
- -out /etc/prosody/dh-2048.pem
- creates: /etc/prosody/dh-2048.pem
- name: Work around default config bug
src: ../../ssl/certs/ssl-cert-snakeoil.pem
--- a/contrib/provision/roles/tram-im/templates/etc/nginx/sites-available/tram-im Tue Dec 13 13:23:03 2016 +0800
+++ b/contrib/provision/roles/tram-im/templates/etc/nginx/sites-available/tram-im Fri Dec 16 11:23:21 2016 +0800
ssl_certificate {{ ssl_cert }};
ssl_certificate_key {{ ssl_key }};
- ssl_dhparam /etc/nginx/dh-2048.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:1m;
--- a/contrib/provision/roles/tram-im/templates/etc/prosody/conf.avail/tram-im.cfg.lua Tue Dec 13 13:23:03 2016 +0800
+++ b/contrib/provision/roles/tram-im/templates/etc/prosody/conf.avail/tram-im.cfg.lua Fri Dec 16 11:23:21 2016 +0800
certificate = "{{ ssl_cert }}";
- dhparam = "/etc/prosody/dh-2048.pem";