Commit 799c5a45 authored by Lars Beckers's avatar Lars Beckers
Browse files

Merge branch 'bullseye' into 'master'

Bullseye Compatibility

See merge request !14
parents 7d2896cc eaf74d42
Pipeline #3029 passed with stage
in 1 minute and 30 seconds
......@@ -2,7 +2,7 @@
- name: include debian version specific vars
include_vars:
file: "{{debian_version|default('fallback')}}.yml"
file: "{{ ansible_distribution_release }}.yml"
- name: install commonly used web libraries
apt:
......
---
cdn_packages:
- libjs-jquery
- libjs-bootstrap
- libjs-bootstrap4
- libjs-chart.js
- libjs-jquery
- libjs-jquery-datatables
- libjs-jquery-ui
---
- name: include debian version specific vars
include_vars: "{{ debian_version }}.yml"
include_vars: "{{ ansible_distribution_release }}.yml"
- name: ensure php-fpm is installed
apt:
......
---
php_fpm_pkgs: ["php-fpm"]
php_version: "7.4"
---
php_fpm_pkgs: ["php-fpm5", "php5"]
......@@ -13,7 +13,7 @@
- name: Enable Postgres APT repository
apt_repository:
# yamllint disable-line rule:line-length
repo: "deb https://apt.postgresql.org/pub/repos/apt/ {{ debian_version }}-pgdg main"
repo: "deb https://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main"
- name: Debconf pgadmin4
debconf:
......@@ -35,7 +35,7 @@
apt:
name: python3-flaskext.wtf
default_release: stretch-pgdg
when: debian_version == "stretch"
when: ansible_distribution_release == "stretch"
- name: Fix directory permissions
file:
......
......@@ -44,10 +44,12 @@ log-x-forwarded-for =
{% if app_python_version == 2 %}
plugin = python27
{% elif app_python_version == 3 %}
{% if debian_version == "stretch" %}
{% if ansible_distribution_release == "stretch" %}
plugin = python35
{% elif debian_version == "buster" %}
{% elif ansible_distribution_release == "buster" %}
plugin = python37
{% elif ansible_distribution_release == "bullseye" %}
plugin = python39
{% endif %}
{% endif %}
{% if app_venv != '' %}
......
......@@ -8,7 +8,9 @@ ExecReload=/bin/kill -HUP $MAINPID
ExecStop=/bin/kill -INT $MAINPID
Restart=always
Type=notify
{% if ansible_distribution_major_version|int(default=99) < 11 %}
StandardError=syslog
{% endif %}
NotifyAccess=all
KillSignal=SIGQUIT
SuccessExitStatus=15 17 29 30
......
......@@ -3,7 +3,7 @@
- name: include debian version specific configuration
include_vars:
file: "{{debian_version|default('fallback')}}.yml"
file: "{{ ansible_distribution_release }}.yml"
tags:
- nginx
- webservices
......
---
# yamllint disable rule:line-length
protocols:
modern: 'TLSv1.3'
intermediate: 'TLSv1.2 TLSv1.3'
ciphers:
modern: null
intermediate: 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384'
prefer_server_ciphers:
modern: false
intermediate: false
---
# yamllint disable rule:line-length
protocols:
modern: 'TLSv1.2'
intermediate: 'TLSv1 TLSv1.1 TLSv1.2'
ciphers:
modern: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'
intermediate: 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'
prefer_server_ciphers:
modern: false
intermediate: true
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment