From 59e2d2a289806f79fae525c5a0c5bc9f178bce56 Mon Sep 17 00:00:00 2001 From: Lars Beckers <lars.beckers@rwth-aachen.de> Date: Mon, 15 Mar 2021 14:56:46 +0100 Subject: [PATCH] webserver: remove fallback config that would never be used --- webserver/tasks/main.yml | 2 +- webserver/vars/fallback.yml | 12 ------------ 2 files changed, 1 insertion(+), 13 deletions(-) delete mode 100644 webserver/vars/fallback.yml diff --git a/webserver/tasks/main.yml b/webserver/tasks/main.yml index 187b4ab..f74319e 100644 --- a/webserver/tasks/main.yml +++ b/webserver/tasks/main.yml @@ -3,7 +3,7 @@ - name: include debian version specific configuration include_vars: - file: "{{debian_version|default('fallback')}}.yml" + file: "{{ ansible_distribution_release }}.yml" tags: - nginx - webservices diff --git a/webserver/vars/fallback.yml b/webserver/vars/fallback.yml deleted file mode 100644 index 972a42e..0000000 --- a/webserver/vars/fallback.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -# yamllint disable rule:line-length - -protocols: - modern: 'TLSv1.2' - intermediate: 'TLSv1 TLSv1.1 TLSv1.2' -ciphers: - modern: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256' - intermediate: 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS' -prefer_server_ciphers: - modern: false - intermediate: true -- GitLab