roles/apache: Role to deploy Apache HTTPD
The *apache* role installs and configures the Apache HTTPD server and its *mod_ssl* module. It currently only works on Fedora/RHEL-based distributions.
This commit is contained in:
48
roles/apache/defaults/main.yml
Normal file
48
roles/apache/defaults/main.yml
Normal file
@@ -0,0 +1,48 @@
|
||||
apache_mpm: prefork
|
||||
apache_keep_num_logs: 4
|
||||
apache_max_log_size: 256M
|
||||
apache_ssl_protocol:
|
||||
- all
|
||||
- '-SSLv2'
|
||||
- '-SSLv3'
|
||||
apache_ssl_ciphersuite:
|
||||
- ECDHE-RSA-AES128-GCM-SHA256
|
||||
- ECDHE-ECDSA-AES128-GCM-SHA256
|
||||
- ECDHE-RSA-AES256-GCM-SHA384
|
||||
- ECDHE-ECDSA-AES256-GCM-SHA384
|
||||
- DHE-RSA-AES128-GCM-SHA256
|
||||
- DHE-DSS-AES128-GCM-SHA256
|
||||
- kEDH+AESGCM
|
||||
- ECDHE-RSA-AES128-SHA256
|
||||
- ECDHE-ECDSA-AES128-SHA256
|
||||
- ECDHE-RSA-AES128-SHA
|
||||
- ECDHE-ECDSA-AES128-SHA
|
||||
- ECDHE-RSA-AES256-SHA384
|
||||
- ECDHE-ECDSA-AES256-SHA384
|
||||
- ECDHE-RSA-AES256-SHA
|
||||
- ECDHE-ECDSA-AES256-SHA
|
||||
- DHE-RSA-AES128-SHA256
|
||||
- DHE-RSA-AES128-SHA
|
||||
- DHE-DSS-AES128-SHA256
|
||||
- DHE-RSA-AES256-SHA256
|
||||
- DHE-DSS-AES256-SHA
|
||||
- DHE-RSA-AES256-SHA
|
||||
- AES128-GCM-SHA256
|
||||
- AES256-GCM-SHA384
|
||||
- AES128
|
||||
- AES256
|
||||
- HIGH
|
||||
- '!RC4'
|
||||
- '!aNULL'
|
||||
- '!eNULL'
|
||||
- '!EXPORT'
|
||||
- '!DES'
|
||||
- '!3DES'
|
||||
- '!MD5'
|
||||
apache_ssl_certificate: /etc/pki/tls/certs/localhost.crt
|
||||
apache_ssl_certificate_key: /etc/pki/tls/private/localhost.key
|
||||
apache_default_ssl_vhost: true
|
||||
apache_ssl_listen_port: 443
|
||||
web_ports:
|
||||
- '{{ apache_ssl_listen_port if apache_ssl_listen_port != 443 else "https" }}'
|
||||
- http
|
||||
Reference in New Issue
Block a user