rilla
/
ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pikvm ssl config

main
Ricard Illa 2022-10-18 18:15:49 +02:00
parent 5a108267fc
commit 3b146198f3
3 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
roles/pikvm_ssl/tasks/main.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: ssl template config
template:
src: ssl.conf.j2
dest: /etc/kvmd/nginx/ssl.conf

5
roles/pikvm_ssl/templates/ssl.conf.j2 Normal file
View File

@ -0,0 +1,5 @@
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_certificate { kvmd_pst_data }/acme/{ domain }/fullchain.cer;
ssl_certificate_key { kvmd_pst_data }/acme/{ domain }/{ domain }.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

1
roles/pikvm_ssl/vars/main.yml Normal file
View File

@ -0,0 +1 @@
kvmd_pst_data: /var/lib/kvmd/pst/data