banananetwork
/
ansible
1
0
Fork 0
Code Issues Pull Requests Releases Activity
706 Commits
3 Branches
0 Tags
1.7 MiB
master
dehydrated
wip
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8443555583'
${ noResults }
Commit Graph

52 Commits (844355558371db61d8866c5e3f08ea2e1b7f6ff6)

Author SHA1 Message Date
Felix Stupp 8443555583
nginx/application: Changed port numbers to string 
To avoid conversion warning of ansible
 4 years ago
Felix Stupp a9c8fd9af3
Moved var nginx_installation_directory to global vars 4 years ago
Felix Stupp b1a93849a1
Moved var nginx_system_user to global vars 4 years ago
Felix Stupp f46e51115e
acme: Changed underlying package from acme.sh to certbot 4 years ago
Felix Stupp 55451f321a
acme,nginx: Reversed dependency to match real dependency 4 years ago
Felix Stupp 9ad4ada018
acme,nginx: Renamed var for validation root to acme prefix 4 years ago
Felix Stupp 98b7f4744e
Extracted service_name of nginx to global var 4 years ago
Felix Stupp 36da702163
nginx/application: Disable log for HTTPs forwarding 4 years ago
Felix Stupp 5c374bc977
nginx/application: Added security relevant HTTP headers to global config 
Duplicates removed from server/nextcloud
 4 years ago
Felix Stupp 9d8d041241
nginx/application: Fixed typo of "unnecessary" 4 years ago
Felix Stupp 7a33ceffb8
nginx/application: Removed configuring trusted certificate for OCSP 
Can be derived by given certificate for host
 4 years ago
Felix Stupp 12e47c19c9
all/vars: Added var global_log_directory 
Added usage in role nginx/application
 4 years ago
Felix Stupp 08a37c6dab
nginx/application: Configure dhparams for SSL 4 years ago
Felix Stupp debbcb1a1b
nginx: Moved dot-file-exclution from global snippet to root snippet 
Only file based servers may require this directive,
other servers are not expected to leak hidden files other than on purpose
 4 years ago
Felix Stupp f2c92e94e2
nginx: Moved index directive from root snippet to specific static role 4 years ago
Felix Stupp 58955871ad
nginx/application: Removed specfic exclusion of htaccess files 
Because dot files are already blocked in general
 4 years ago
Felix Stupp 0043d6255a
nginx/application global.conf: Added comment to excluding hidden files 4 years ago
Felix Stupp 2dcfd1b09e
nginx: Added full paths to includes of snippets / fastcgi_params 
To allow Ansible to validate the main config if placed on different
locations
 4 years ago
Felix Stupp 8ebe8aecfb
nginx/application: Hide server tokens per default 4 years ago
Felix Stupp e2b7778c8b
nginx/application: Changed Referrer-Policy to strict-origin 
For better enforcing of secure handling of referrer information
 5 years ago
Felix Stupp fb0c1f0901
Changed "ansible_fqdn" to "inventory_hostname" 
Due to some hosts misconfigure fqdn themselves
 5 years ago
Felix Stupp 9c63c8516b
nginx/application: Disabled SSL Session Tickets 5 years ago
Felix Stupp 409ea327f0
nginx/application: Increased ssl_cache timeout 5 years ago
Felix Stupp fc897ea3b9
nginx/application: Fixed configuring resolver for OCSP Stapling 5 years ago
Felix Stupp edf455bf66
nginx/application: Allowed dot files uploads by Nextcloud 5 years ago
Felix Stupp c21ee11c66
nginx/application: Blocked all hidden directories except well-known 5 years ago
Felix Stupp 502606b1e3
nginx/application: Set type to text for test file 5 years ago
Felix Stupp 57e422b478
nginx/application: Disabled access_log on acme requests 5 years ago
Felix Stupp a3fde6aa3c
acme: Moved certificate handling to custom system user 
Avoided using root for acme.sh
Modified also role nginx/application
 5 years ago
Felix Stupp 9ba13c5d73
nginx/application: Enabled OCSP Stapling 5 years ago
Felix Stupp 22f14189c2
nginx/application: Enabled TLSv1.3 and reworked ciphers 5 years ago
Felix Stupp ce1f2fb132
nginx/application: Increased time for HSTS 5 years ago
Felix Stupp 5bed7d067a
nginx/application: Added localhost as resolver for nginx 5 years ago
Felix Stupp d9eb74649f
nginx/application: Fixed missing notify for templates 5 years ago
Felix Stupp 6c310a8f3d
roles/nginx/application: Set allow_duplicates to false 5 years ago
Felix Stupp 6b376cacfa
roles/nginx/application: Added snippets acme and root 5 years ago
Felix Stupp da676ebc32
roles/nginx/application: Included upstreams directory 5 years ago
Felix Stupp 7e56f8ada5
roles/nginx/application: Fixed global forwarding to https 5 years ago
Felix Stupp 097ff3d743
roles/nginx/application: Fixed nginx variable configuration 5 years ago
Felix Stupp 5676165f1c
roles/nginx/application: Fixed configuration for global logs 5 years ago
Felix Stupp d80261fe53
roles/nginx/application: Added validation for nginx.conf 5 years ago
Felix Stupp 007c7ed2a4
roles/nginx/application: Fixed task names containing item keyword 5 years ago
Felix Stupp 226bc9c873
Reconfigured nginx / acme validation handling 5 years ago
Felix Stupp 7122bcf9e3
nginx/application: Enabled acme verification for all over http 5 years ago
Felix Stupp facee1a61d
nginx/application: Extracted acme snippets from global 5 years ago
Felix Stupp d08159eb24
nginx/application: Removed duplicated ssl configuration 5 years ago
Felix Stupp b49a832759
nginx/application: Added rules for firewall 5 years ago
Felix Stupp 2186137327
nginx/application: Used vars in nginx.conf 5 years ago
Felix Stupp 7a84ae4fdc
nginx/application: Fixed uploading and including snippets 5 years ago
Felix Stupp 6a6e2f6602
Moved dependency of certificate validation directory to nginx role 5 years ago