Clean up code
Code was clean up and simplified to make it simpler and easier to maintain. No features were modified.
This commit is contained in:
parent
25d423e6b6
commit
5156c63a76
@ -252,20 +252,20 @@ matrix_nginx_proxy_ssl_presets:
|
||||
# Specifies which *SSL protocols* to use when serving all the various vhosts.
|
||||
# By default is set to "" and will use the protocols from the preset. If you set it to something different, it will override
|
||||
# the values from the preset
|
||||
matrix_nginx_proxy_ssl_protocols: ""
|
||||
matrix_nginx_proxy_ssl_protocols: "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }}"
|
||||
|
||||
# Specifies whether to prefer *the client’s choice or the server’s choice* when
|
||||
# negociating the chipher to serve all the various vhost.
|
||||
#
|
||||
# By default is set to "" and will use the protocols from the preset. If you set it to something different, it will override
|
||||
# the values from the preset
|
||||
matrix_nginx_proxy_ssl_prefer_server_ciphers: ""
|
||||
matrix_nginx_proxy_ssl_prefer_server_ciphers: "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }}"
|
||||
|
||||
# Specifies which *SSL Cipher suites* to use when serving all the various vhosts.
|
||||
# By default is set to "" and will use the ciphers from the preset. If you set it to something different, it will override
|
||||
# the values from the preset.
|
||||
# To see the full list for suportes ciphers run `openssl ciphers` on your server
|
||||
matrix_nginx_proxy_ssl_ciphers: ""
|
||||
matrix_nginx_proxy_ssl_ciphers: "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}"
|
||||
|
||||
# Controls whether the self-check feature should validate SSL certificates.
|
||||
matrix_nginx_proxy_self_check_validate_certificates: true
|
||||
|
@ -68,25 +68,11 @@ server {
|
||||
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/fullchain.pem;
|
||||
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/privkey.pem;
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_protocols == "" %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
|
||||
{% else %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
|
||||
{% else %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
|
||||
{% endif %}
|
||||
{% else %}
|
||||
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
|
||||
{% endif %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
|
||||
{{ render_vhost_directives() }}
|
||||
}
|
||||
|
@ -66,25 +66,11 @@ server {
|
||||
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_dimension_hostname }}/fullchain.pem;
|
||||
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_dimension_hostname }}/privkey.pem;
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_protocols == "" %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
|
||||
{% else %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
|
||||
{% else %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
|
||||
{% endif %}
|
||||
{% else %}
|
||||
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
|
||||
{% endif %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
|
||||
{{ render_vhost_directives() }}
|
||||
}
|
||||
|
@ -59,25 +59,11 @@ server {
|
||||
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_base_domain_hostname }}/fullchain.pem;
|
||||
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_base_domain_hostname }}/privkey.pem;
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_protocols == "" %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
|
||||
{% else %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
|
||||
{% else %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
|
||||
{% endif %}
|
||||
{% else %}
|
||||
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
|
||||
{% endif %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
|
||||
{{ render_vhost_directives() }}
|
||||
}
|
||||
|
@ -87,25 +87,11 @@ server {
|
||||
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/fullchain.pem;
|
||||
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/privkey.pem;
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_protocols == "" %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
|
||||
{% else %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
|
||||
{% else %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
|
||||
{% endif %}
|
||||
{% else %}
|
||||
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
|
||||
{% endif %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
|
||||
{{ render_vhost_directives() }}
|
||||
}
|
||||
|
@ -52,25 +52,11 @@ server {
|
||||
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname }}/fullchain.pem;
|
||||
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname }}/privkey.pem;
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_protocols == "" %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
|
||||
{% else %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
|
||||
{% else %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
|
||||
{% endif %}
|
||||
{% else %}
|
||||
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
|
||||
{% endif %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
|
||||
{{ render_vhost_directives() }}
|
||||
}
|
||||
|
@ -204,25 +204,11 @@ server {
|
||||
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/fullchain.pem;
|
||||
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/privkey.pem;
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_protocols == "" %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
|
||||
{% else %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
|
||||
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
|
||||
{% else %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
|
||||
{% endif %}
|
||||
{% else %}
|
||||
ssl_ciphers {{ matrix_nginx_proxy_ssl_ciphers }};
|
||||
{% endif %}
|
||||
|
||||
{{ render_vhost_directives() }}
|
||||
}
|
||||
@ -253,25 +239,11 @@ server {
|
||||
ssl_certificate {{ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate }};
|
||||
ssl_certificate_key {{ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate_key }};
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_protocols == "" %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
|
||||
{% else %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
|
||||
{% else %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
|
||||
{% endif %}
|
||||
{% else %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
|
||||
{% endif %}
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
|
||||
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
|
||||
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
|
||||
{% endif %}
|
||||
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user