thomas
/
sovereign
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
695 Commits
1 Branch
Tree: 2062225709
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2062225709'
${ noResults }
sovereign/roles/common/tasks/ssl.yml

ssl.yml 1017B
History Raw

123456789101112131415161718192021222324252627282930 
  1. - name: Create strong Diffie-Hellman group

  2.   command: openssl dhparam -out /etc/ssl/private/dhparam2048.pem 2048

  3.     creates=/etc/ssl/private/dhparam2048.pem

  4. 

  5. - name: Enable Apache SSL module

  6.   command: a2enmod ssl creates=/etc/apache2/mods-enabled/ssl.load

  7.   notify: restart apache

  8. 

  9. - name: Enable NameVirtualHost for HTTPS

  10.   lineinfile:

  11.     dest=/etc/apache2/ports.conf regexp='^    NameVirtualHost \*:443'

  12.     insertafter='^<IfModule mod_ssl.c>'

  13.     line='    NameVirtualHost *:443'

  14.   notify: restart apache

  15. 

  16. - name: Enable Apache SOCACHE_SHMCB module for the SSL stapling cache

  17.   command: a2enmod socache_shmcb

  18.     creates=/etc/apache2/mods-enabled/socache_shmcb.load

  19.   notify: restart apache

  20. 

  21. - name: Add common Apache SSL config

  22.   template: src=etc_apache2_conf-available_ssl.conf.j2

  23.     dest=/etc/apache2/conf-available/ssl.conf

  24.     owner=root

  25.     group=root

  26.   notify: restart apache

  27. 

  28. - name: Enable Apache SSL config

  29.   command: a2enconf ssl creates=/etc/apache2/conf-enabled/ssl.conf

  30.   notify: restart apache