1
0
mirror of https://github.com/dev-sec/ansible-nginx-hardening.git synced 2024-11-22 19:42:02 +01:00

Merge pull request #16 from oakey-b1/fix_duplicate_error

Fix duplicate ssl_prefer_server_ciphers error
This commit is contained in:
Sebastian Gumprich 2018-01-28 19:37:30 +01:00 committed by GitHub
commit f3a6fbdb69
Signed by: GitHub
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 2 deletions

@ -13,6 +13,14 @@
lineinfile: dest="/etc/nginx/nginx.conf" regexp="^\s*server_tokens" line="server_tokens {{nginx_server_tokens}};" insertafter="http {"
notify: reload nginx
- name: change ssl_protocols in main nginx.conf
lineinfile: dest="/etc/nginx/nginx.conf" regexp="^\s*ssl_protocols" line="ssl_protocols {{nginx_ssl_protocols}};" insertafter="http {"
notify: reload nginx
- name: change ssl_prefer_server_ciphers in main nginx.conf
lineinfile: dest="/etc/nginx/nginx.conf" regexp="^\s*ssl_prefer_server_ciphers" line="ssl_prefer_server_ciphers {{nginx_ssl_prefer_server_ciphers}};" insertafter="http {"
notify: reload nginx
- name: change client_max_body_size in main nginx.conf
lineinfile: dest="/etc/nginx/nginx.conf" regexp="^\s*client_max_body_size" line="client_max_body_size {{nginx_client_max_body_size}};" insertafter="http {"
notify: reload nginx

@ -8,10 +8,8 @@ client_header_timeout {{nginx_client_header_timeout}};
send_timeout {{nginx_send_timeout}};
limit_conn_zone {{nginx_limit_conn_zone}};
limit_conn {{nginx_limit_conn}};
ssl_protocols {{nginx_ssl_protocols}};
ssl_ciphers {{nginx_ssl_ciphers}};
ssl_dhparam {{nginx_dh_param}};
ssl_prefer_server_ciphers {{nginx_ssl_prefer_server_ciphers}};
{% for header in nginx_add_header %}
add_header {{header}};
{% endfor %}