6 changed files
ansible/roles | ||
httpd/templates/etc/httpd/conf.d | ||
ssl.conf | ||
nginx/templates/etc/nginx/conf.d | ||
ssl.conf | ||
y_front_www.conf | ||
z_front.conf | ||
z_front.conf,503 | ||
RELEASES.md | ||
ssl.conf
/ansible/roles/httpd/templates/etc/httpd/conf.d/ssl.conf-2+6/ansible/roles/httpd/templates/etc/httpd/conf.d/ssl.conf
Add comment 53 ## SSL Virtual Host Context
Add comment 54 ##
Add comment 55
Add comment 56 Plus ### START ###
Add comment 57 Plus # Tips: Does not work if inside VirtualHost
Add comment 58 Plus SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA:!3DES:!RC4:!DH
Add comment 59 Plus ### END ###
Add comment 56 60 <VirtualHost _default_:443>
Add comment 57 61
Add comment 58 62 # General setup for the virtual host, inherited from global configuration
Add comment 85 89 {% else %}
Add comment 86 90 #SSLProtocol all -SSLv2
Add comment 87 91 {% endif %}
Add comment 88 Minus SSLProtocol +TLSv1.1 +TLSv1.2
Add comment 89 Minus SSLProxyProtocol +TLSv1.1 +TLSv1.2
Add comment 92 Plus SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
Add comment 93 Plus SSLProxyProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
Add comment 90 94 ### END ###
Add comment 91 95
Add comment 92 96 # SSL Cipher Suite:
ssl.conf
/ansible/roles/nginx/templates/etc/nginx/conf.d/ssl.conf-1+1/ansible/roles/nginx/templates/etc/nginx/conf.d/ssl.conf
Add comment 13 ssl_certificate_key /etc/pki/tls/private/localhost.key;
Add comment 14 ssl_session_cache shared:SSL:1m;
Add comment 15 ssl_session_timeout 10m;
Add comment 16 Minus ssl_protocols TLSv1.2 TLSv1.1;
Add comment 16 Plus ssl_protocols TLSv1.2 TLSv1.3;
Add comment 17 ssl_ciphers HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA:!3DES:!RC4:!DH;
Add comment 18 ssl_prefer_server_ciphers on;
Add comment 19
y_front_www.conf
/ansible/roles/nginx/templates/etc/nginx/conf.d/y_front_www.conf-1+1/ansible/roles/nginx/templates/etc/nginx/conf.d/y_front_www.conf
Add comment 47 {% endif %}
Add comment 48 ssl_session_cache shared:SSL:1m;
Add comment 49 ssl_session_timeout 10m;
Add comment 50 Minus ssl_protocols TLSv1.2 TLSv1.1;
Add comment 50 Plus ssl_protocols TLSv1.2 TLSv1.3;
Add comment 51 ssl_ciphers HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA:!3DES:!RC4:!DH;
Add comment 52 ssl_prefer_server_ciphers on;
Add comment 53 add_header Strict-Transport-Security "max-age=31536000";
z_front.conf
/ansible/roles/nginx/templates/etc/nginx/conf.d/z_front.conf-1+1/ansible/roles/nginx/templates/etc/nginx/conf.d/z_front.conf
Add comment 46 {% endif %}
Add comment 47 ssl_session_cache shared:SSL:1m;
Add comment 48 ssl_session_timeout 10m;
Add comment 49 Minus ssl_protocols TLSv1.2 TLSv1.1;
Add comment 49 Plus ssl_protocols TLSv1.2 TLSv1.3;
Add comment 50 ssl_ciphers HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA:!3DES:!RC4:!DH;
Add comment 51 ssl_prefer_server_ciphers on;
Add comment 52 add_header Strict-Transport-Security "max-age=31536000";
z_front.conf,503
/ansible/roles/nginx/templates/etc/nginx/conf.d/z_front.conf,503-1+1/ansible/roles/nginx/templates/etc/nginx/conf.d/z_front.conf,503
Add comment 46 {% endif %}
Add comment 47 ssl_session_cache shared:SSL:1m;
Add comment 48 ssl_session_timeout 10m;
Add comment 49 Minus ssl_protocols TLSv1.2 TLSv1.1;
Add comment 49 Plus ssl_protocols TLSv1.2 TLSv1.3;
Add comment 50 ssl_ciphers HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA:!3DES:!RC4:!DH;
Add comment 51 ssl_prefer_server_ciphers on;
Add comment 52 add_header Strict-Transport-Security "max-age=31536000";
Add comment 2
Add comment 3 ## 1.1.0
Add comment 4
Add comment 5 Plus - SSL Server TestのOverall Ratingを「A」にしたい
Add comment 6 Plus - https://dev.azure.com/nightonly/vagrant-ansible-origin/_workitems/edit/69/
Add comment 5 7 - バックアップを定期的に他サーバーやs3に転送したい
Add comment 6 8 - https://dev.azure.com/nightonly/vagrant-ansible-origin/_workitems/edit/63/
Add comment 7 9 - htmlのバックアップを自動で取りたい