overmind
/
matrix-docker-ansible-deploy
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
Browse Source

Clean up code 

Code was clean up and simplified to make it simpler and easier to
maintain. No features were modified.
pull/755/head
Agustin Ferrario 5 years ago
parent
25d423e6b6
commit
5156c63a76
7 changed files with 20 additions and 118 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -3
      roles/matrix-nginx-proxy/defaults/main.yml
  2. +2
    -16
      roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2
  3. +2
    -16
      roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2
  4. +2
    -16
      roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2
  5. +2
    -16
      roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2
  6. +2
    -16
      roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2
  7. +7
    -35
      roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2

+ 3
- 3
roles/matrix-nginx-proxy/defaults/main.yml View File

@@ -252,20 +252,20 @@ matrix_nginx_proxy_ssl_presets:
# Specifies which *SSL protocols* to use when serving all the various vhosts. # Specifies which *SSL protocols* to use when serving all the various vhosts.
# By default is set to "" and will use the protocols from the preset. If you set it to something different, it will override # By default is set to "" and will use the protocols from the preset. If you set it to something different, it will override
# the values from the preset # the values from the preset
matrix_nginx_proxy_ssl_protocols: ""
matrix_nginx_proxy_ssl_protocols: "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }}"


# Specifies whether to prefer *the client’s choice or the server’s choice* when # Specifies whether to prefer *the client’s choice or the server’s choice* when
# negociating the chipher to serve all the various vhost. # negociating the chipher to serve all the various vhost.
# #
# By default is set to "" and will use the protocols from the preset. If you set it to something different, it will override # By default is set to "" and will use the protocols from the preset. If you set it to something different, it will override
# the values from the preset # the values from the preset
matrix_nginx_proxy_ssl_prefer_server_ciphers: ""
matrix_nginx_proxy_ssl_prefer_server_ciphers: "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }}"


# Specifies which *SSL Cipher suites* to use when serving all the various vhosts. # Specifies which *SSL Cipher suites* to use when serving all the various vhosts.
# By default is set to "" and will use the ciphers from the preset. If you set it to something different, it will override # By default is set to "" and will use the ciphers from the preset. If you set it to something different, it will override
# the values from the preset. # the values from the preset.
# To see the full list for suportes ciphers run `openssl ciphers` on your server # To see the full list for suportes ciphers run `openssl ciphers` on your server
matrix_nginx_proxy_ssl_ciphers: ""
matrix_nginx_proxy_ssl_ciphers: "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}"


# Controls whether the self-check feature should validate SSL certificates. # Controls whether the self-check feature should validate SSL certificates.
matrix_nginx_proxy_self_check_validate_certificates: true matrix_nginx_proxy_self_check_validate_certificates: true


+ 2
- 16
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 View File

@@ -68,25 +68,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/fullchain.pem; ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/privkey.pem; ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/privkey.pem;


{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }}; ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}

{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}

{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}"; ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %} {% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};


{{ render_vhost_directives() }} {{ render_vhost_directives() }}
} }


+ 2
- 16
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 View File

@@ -66,25 +66,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_dimension_hostname }}/fullchain.pem; ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_dimension_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_dimension_hostname }}/privkey.pem; ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_dimension_hostname }}/privkey.pem;


{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }}; ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}

{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}

{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}"; ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %} {% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};


{{ render_vhost_directives() }} {{ render_vhost_directives() }}
} }


+ 2
- 16
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 View File

@@ -59,25 +59,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_base_domain_hostname }}/fullchain.pem; ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_base_domain_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_base_domain_hostname }}/privkey.pem; ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_base_domain_hostname }}/privkey.pem;


{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }}; ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}

{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}

{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}"; ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %} {% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};


{{ render_vhost_directives() }} {{ render_vhost_directives() }}
} }


+ 2
- 16
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 View File

@@ -87,25 +87,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/fullchain.pem; ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/privkey.pem; ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/privkey.pem;


{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }}; ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}

{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}

{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}"; ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %} {% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};


{{ render_vhost_directives() }} {{ render_vhost_directives() }}
} }


+ 2
- 16
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 View File

@@ -52,25 +52,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname }}/fullchain.pem; ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname }}/privkey.pem; ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname }}/privkey.pem;


{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }}; ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}

{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}

{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}"; ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %} {% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};


{{ render_vhost_directives() }} {{ render_vhost_directives() }}
} }


+ 7
- 35
roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 View File

@@ -204,25 +204,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/fullchain.pem; ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/privkey.pem; ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/privkey.pem;


{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }}; ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %} {% endif %}

{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }}; ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}

{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
ssl_ciphers {{ matrix_nginx_proxy_ssl_ciphers }};
{% endif %}


{{ render_vhost_directives() }} {{ render_vhost_directives() }}
} }
@@ -253,25 +239,11 @@ server {
ssl_certificate {{ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate }}; ssl_certificate {{ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate }};
ssl_certificate_key {{ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate_key }}; ssl_certificate_key {{ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate_key }};


{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}

{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}

{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};


{% endif %} {% endif %}




Write Preview
Loading…
Cancel
Save