Clean up code

Code was clean up and simplified to make it simpler and easier to
maintain. No features were modified.
This commit is contained in:
Agustin Ferrario 2021-01-08 18:35:27 +01:00
parent 25d423e6b6
commit 5156c63a76
7 changed files with 20 additions and 118 deletions

View file

@ -252,20 +252,20 @@ matrix_nginx_proxy_ssl_presets:
# Specifies which *SSL protocols* to use when serving all the various vhosts.
# By default is set to "" and will use the protocols from the preset. If you set it to something different, it will override
# the values from the preset
matrix_nginx_proxy_ssl_protocols: ""
matrix_nginx_proxy_ssl_protocols: "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }}"
# Specifies whether to prefer *the clients choice or the servers choice* when
# negociating the chipher to serve all the various vhost.
#
# By default is set to "" and will use the protocols from the preset. If you set it to something different, it will override
# the values from the preset
matrix_nginx_proxy_ssl_prefer_server_ciphers: ""
matrix_nginx_proxy_ssl_prefer_server_ciphers: "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }}"
# Specifies which *SSL Cipher suites* to use when serving all the various vhosts.
# By default is set to "" and will use the ciphers from the preset. If you set it to something different, it will override
# the values from the preset.
# To see the full list for suportes ciphers run `openssl ciphers` on your server
matrix_nginx_proxy_ssl_ciphers: ""
matrix_nginx_proxy_ssl_ciphers: "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}"
# Controls whether the self-check feature should validate SSL certificates.
matrix_nginx_proxy_self_check_validate_certificates: true

View file

@ -68,25 +68,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_element_hostname }}/privkey.pem;
{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{{ render_vhost_directives() }}
}

View file

@ -66,25 +66,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_dimension_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_dimension_hostname }}/privkey.pem;
{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{{ render_vhost_directives() }}
}

View file

@ -59,25 +59,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_base_domain_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_base_domain_hostname }}/privkey.pem;
{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{{ render_vhost_directives() }}
}

View file

@ -87,25 +87,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/privkey.pem;
{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{{ render_vhost_directives() }}
}

View file

@ -52,25 +52,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname }}/privkey.pem;
{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{{ render_vhost_directives() }}
}

View file

@ -204,25 +204,11 @@ server {
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/fullchain.pem;
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/privkey.pem;
{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
ssl_ciphers {{ matrix_nginx_proxy_ssl_ciphers }};
{% endif %}
{{ render_vhost_directives() }}
}
@ -253,25 +239,11 @@ server {
ssl_certificate {{ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate }};
ssl_certificate_key {{ matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate_key }};
{% if matrix_nginx_proxy_ssl_protocols == "" %}
ssl_protocols {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['protocols'] }};
{% else %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% endif %}
{% if matrix_nginx_proxy_ssl_prefer_server_ciphers == "" %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['prefer_server_ciphers'] }};
{% else %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}
{% if matrix_nginx_proxy_ssl_ciphers == "" %}
{% if matrix_nginx_proxy_ssl_preset == "old" or matrix_nginx_proxy_ssl_preset == "intermediate" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_presets[matrix_nginx_proxy_ssl_preset]['ciphers'] }}";
{% endif %}
{% else %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
{% if not matrix_nginx_proxy_ssl_ciphers == "" %}
ssl_ciphers "{{ matrix_nginx_proxy_ssl_ciphers }}";
{% endif %}
ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }};
{% endif %}