mirror of
				https://github.com/spantaleev/matrix-docker-ansible-deploy.git
				synced 2025-10-25 17:43:23 +00:00 
			
		
		
		
	matrix_nginx_proxy_ocsp_stapling_enabled variable added
This commit is contained in:
		| @@ -279,18 +279,6 @@ matrix_nginx_proxy_proxy_domain_additional_server_configuration_blocks: [] | |||||||
| # Of course, a better solution is to just stop using browsers (like Chrome), which participate in such tracking practices. | # Of course, a better solution is to just stop using browsers (like Chrome), which participate in such tracking practices. | ||||||
| matrix_nginx_proxy_floc_optout_enabled: true | matrix_nginx_proxy_floc_optout_enabled: true | ||||||
|  |  | ||||||
| # OCSP Stapling eliminating the need for clients to contact the CA, with the aim of improving both security and performance. |  | ||||||
| # OCSP stapling can provide a performance boost of up to 30% |  | ||||||
| # nginx web server supports OCSP stapling since version 1.3.7. |  | ||||||
| # |  | ||||||
| # *warning* Nginx is lazy loading OCSP responses, which means that for the first few web requests it is unable to add the OCSP response. |  | ||||||
| #   |  | ||||||
| # Learn more about what it is here: |  | ||||||
| # - https://en.wikipedia.org/wiki/OCSP_stapling |  | ||||||
| # - https://blog.cloudflare.com/high-reliability-ocsp-stapling/ |  | ||||||
| # - https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ |  | ||||||
| matrix_nginx_proxy_ocsp_stapling_enabled: true |  | ||||||
|  |  | ||||||
| # Specifies the SSL configuration that should be used for the SSL protocols and ciphers | # Specifies the SSL configuration that should be used for the SSL protocols and ciphers | ||||||
| # This is based on the Mozilla Server Side TLS Recommended configurations. | # This is based on the Mozilla Server Side TLS Recommended configurations. | ||||||
| # | # | ||||||
| @@ -397,6 +385,18 @@ matrix_ssl_log_dir_path: "{{ matrix_ssl_base_path }}/log" | |||||||
| matrix_ssl_pre_obtaining_required_service_name: ~ | matrix_ssl_pre_obtaining_required_service_name: ~ | ||||||
| matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds: 60 | matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds: 60 | ||||||
|  |  | ||||||
|  | # OCSP Stapling eliminating the need for clients to contact the CA, with the aim of improving both security and performance. | ||||||
|  | # OCSP stapling can provide a performance boost of up to 30% | ||||||
|  | # nginx web server supports OCSP stapling since version 1.3.7. | ||||||
|  | # | ||||||
|  | # *warning* Nginx is lazy loading OCSP responses, which means that for the first few web requests it is unable to add the OCSP response. | ||||||
|  | #   | ||||||
|  | # Learn more about what it is here: | ||||||
|  | # - https://en.wikipedia.org/wiki/OCSP_stapling | ||||||
|  | # - https://blog.cloudflare.com/high-reliability-ocsp-stapling/ | ||||||
|  | # - https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ | ||||||
|  | matrix_nginx_proxy_ocsp_stapling_enabled: true | ||||||
|  |  | ||||||
| # nginx status page configurations. | # nginx status page configurations. | ||||||
| matrix_nginx_proxy_proxy_matrix_nginx_status_enabled: false | matrix_nginx_proxy_proxy_matrix_nginx_status_enabled: false | ||||||
| matrix_nginx_proxy_proxy_matrix_nginx_status_allowed_addresses: ['{{ ansible_default_ipv4.address }}'] | matrix_nginx_proxy_proxy_matrix_nginx_status_allowed_addresses: ['{{ ansible_default_ipv4.address }}'] | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user