From 59e2d2a289806f79fae525c5a0c5bc9f178bce56 Mon Sep 17 00:00:00 2001
From: Lars Beckers <lars.beckers@rwth-aachen.de>
Date: Mon, 15 Mar 2021 14:56:46 +0100
Subject: [PATCH] webserver: remove fallback config that would never be used

---
 webserver/tasks/main.yml    |  2 +-
 webserver/vars/fallback.yml | 12 ------------
 2 files changed, 1 insertion(+), 13 deletions(-)
 delete mode 100644 webserver/vars/fallback.yml

diff --git a/webserver/tasks/main.yml b/webserver/tasks/main.yml
index 187b4ab..f74319e 100644
--- a/webserver/tasks/main.yml
+++ b/webserver/tasks/main.yml
@@ -3,7 +3,7 @@
 
 - name: include debian version specific configuration
   include_vars:
-    file: "{{debian_version|default('fallback')}}.yml"
+    file: "{{ ansible_distribution_release }}.yml"
   tags:
     - nginx
     - webservices
diff --git a/webserver/vars/fallback.yml b/webserver/vars/fallback.yml
deleted file mode 100644
index 972a42e..0000000
--- a/webserver/vars/fallback.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-# yamllint disable rule:line-length
-
-protocols:
-  modern: 'TLSv1.2'
-  intermediate: 'TLSv1 TLSv1.1 TLSv1.2'
-ciphers:
-  modern: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'
-  intermediate: 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'
-prefer_server_ciphers:
-  modern: false
-  intermediate: true
-- 
GitLab