forked from usegalaxy-eu/infrastructure-playbook
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcsp-report.yml
35 lines (33 loc) · 1.19 KB
/
csp-report.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
---
- name: CSP Reporting Host
hosts: csp-report
become: true
vars:
php_enable_php_fpm: true
letsencrypt_webroot_path: /var/www/html
letsencrypt_email: [email protected]
letsencrypt_cert_domains:
- csp.usegalaxy.eu
letsencrypt_renewal_command_args: '--renew-hook "systemctl restart httpd"'
apache_vhosts_ssl:
- servername: "csp.usegalaxy.eu"
documentroot: "/var/www/html/"
apache_ssl_protocol: "All -SSLv2 -SSLv3"
apache_ssl_cipher_suite: "AES256+EECDH:AES256+EDH"
apache_allow_override: "All"
apache_options: "-Indexes +FollowSymLinks"
certificate_file: "/etc/letsencrypt/live/csp.usegalaxy.eu/cert.pem"
certificate_key_file: "/etc/letsencrypt/live/csp.usegalaxy.eu/privkey.pem"
certificate_chain_file: "/etc/letsencrypt/live/csp.usegalaxy.eu/chain.pem"
extra_parameters: |
ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/html/"
roles:
- linuxhq.yum-cron
- hostname
- hxr.admin-tools
- geerlingguy.repo-epel
- geerlingguy.apache
- geerlingguy.php
- geerlingguy.apache-php-fpm
- thefinn93.letsencrypt
- hxr.admin-tools