Skip to content
Snippets Groups Projects
Commit 799c5a45 authored by Lars Beckers's avatar Lars Beckers
Browse files

Merge branch 'bullseye' into 'master'

Bullseye Compatibility

See merge request !14
parents 7d2896cc eaf74d42
No related branches found
No related tags found
1 merge request!14Bullseye Compatibility
Pipeline #3029 passed
......@@ -2,7 +2,7 @@
- name: include debian version specific vars
include_vars:
file: "{{debian_version|default('fallback')}}.yml"
file: "{{ ansible_distribution_release }}.yml"
- name: install commonly used web libraries
apt:
......
---
cdn_packages:
- libjs-jquery
- libjs-bootstrap
- libjs-bootstrap4
- libjs-chart.js
- libjs-jquery
- libjs-jquery-datatables
- libjs-jquery-ui
---
- name: include debian version specific vars
include_vars: "{{ debian_version }}.yml"
include_vars: "{{ ansible_distribution_release }}.yml"
- name: ensure php-fpm is installed
apt:
......
---
php_fpm_pkgs: ["php-fpm"]
php_version: "7.4"
---
php_fpm_pkgs: ["php-fpm5", "php5"]
......@@ -13,7 +13,7 @@
- name: Enable Postgres APT repository
apt_repository:
# yamllint disable-line rule:line-length
repo: "deb https://apt.postgresql.org/pub/repos/apt/ {{ debian_version }}-pgdg main"
repo: "deb https://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main"
- name: Debconf pgadmin4
debconf:
......@@ -35,7 +35,7 @@
apt:
name: python3-flaskext.wtf
default_release: stretch-pgdg
when: debian_version == "stretch"
when: ansible_distribution_release == "stretch"
- name: Fix directory permissions
file:
......
......@@ -44,10 +44,12 @@ log-x-forwarded-for =
{% if app_python_version == 2 %}
plugin = python27
{% elif app_python_version == 3 %}
{% if debian_version == "stretch" %}
{% if ansible_distribution_release == "stretch" %}
plugin = python35
{% elif debian_version == "buster" %}
{% elif ansible_distribution_release == "buster" %}
plugin = python37
{% elif ansible_distribution_release == "bullseye" %}
plugin = python39
{% endif %}
{% endif %}
{% if app_venv != '' %}
......
......@@ -8,7 +8,9 @@ ExecReload=/bin/kill -HUP $MAINPID
ExecStop=/bin/kill -INT $MAINPID
Restart=always
Type=notify
{% if ansible_distribution_major_version|int(default=99) < 11 %}
StandardError=syslog
{% endif %}
NotifyAccess=all
KillSignal=SIGQUIT
SuccessExitStatus=15 17 29 30
......
......@@ -3,7 +3,7 @@
- name: include debian version specific configuration
include_vars:
file: "{{debian_version|default('fallback')}}.yml"
file: "{{ ansible_distribution_release }}.yml"
tags:
- nginx
- webservices
......
---
# yamllint disable rule:line-length
protocols:
modern: 'TLSv1.3'
intermediate: 'TLSv1.2 TLSv1.3'
ciphers:
modern: null
intermediate: 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384'
prefer_server_ciphers:
modern: false
intermediate: false
---
# yamllint disable rule:line-length
protocols:
modern: 'TLSv1.2'
intermediate: 'TLSv1 TLSv1.1 TLSv1.2'
ciphers:
modern: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'
intermediate: 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'
prefer_server_ciphers:
modern: false
intermediate: true
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment