-
-
Notifications
You must be signed in to change notification settings - Fork 883
/
server_ssl_settings.erb
executable file
·76 lines (76 loc) · 2.39 KB
/
server_ssl_settings.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<% if scope.call_function('versioncmp', [scope['nginx::nginx_version'], '1.15.0']) < 0 -%>
ssl on;
<% end -%>
<% if scope.call_function('versioncmp', [scope['nginx::nginx_version'], '1.25.1']) >= 0 && @http2 -%>
http2 <%= @http2 %>;
<% end -%>
<% if @ssl_cert_real -%>
<% @ssl_cert_real.each do | cert | -%>
ssl_certificate <%= cert %>;
<% end -%>
<% end -%>
<% if @ssl_key_real -%>
<% @ssl_key_real.each do | key | -%>
ssl_certificate_key <%= key %>;
<% end -%>
<% end -%>
<% if defined? @ssl_client_cert -%>
ssl_client_certificate <%= @ssl_client_cert %>;
ssl_verify_client <%= @ssl_verify_client %>;
<% end -%>
<% if defined? @ssl_dhparam -%>
ssl_dhparam <%= @ssl_dhparam %>;
<% end -%>
<%- if defined? @ssl_ecdh_curve -%>
ssl_ecdh_curve <%= @ssl_ecdh_curve %>;
<%- end -%>
<% if @ssl_cache -%>
ssl_session_cache <%= @ssl_cache %>;
<% end -%>
<% if @ssl_session_timeout -%>
ssl_session_timeout <%= @ssl_session_timeout %>;
<% end -%>
<% if @ssl_session_tickets -%>
ssl_session_tickets <%= @ssl_session_tickets %>;
<% end -%>
<% if @ssl_session_ticket_key -%>
ssl_session_ticket_key <%= @ssl_session_ticket_key %>;
<% end -%>
<% if @ssl_buffer_size -%>
ssl_buffer_size <%= @ssl_buffer_size %>;
<% end -%>
<% if @ssl_protocols -%>
ssl_protocols <%= @ssl_protocols %>;
<% end -%>
<% if @ssl_ciphers -%>
ssl_ciphers <%= @ssl_ciphers %>;
<% end -%>
<% if @ssl_prefer_server_ciphers -%>
ssl_prefer_server_ciphers <%= @ssl_prefer_server_ciphers %>;
<% end -%>
<% if @ssl_crl -%>
ssl_crl <%= @ssl_crl %>;
<% end -%>
<%- if instance_variables.any? { |iv| iv.to_s.include? 'ssl_' } -%>
<%- if @ssl_stapling -%>
ssl_stapling on;
<%- end -%>
<%- if defined? @ssl_stapling_file -%>
ssl_stapling_file <%= @ssl_stapling_file %>;
<%- end -%>
<%- if defined? @ssl_stapling_responder -%>
ssl_stapling_responder <%= @ssl_stapling_responder %>;
<%- end -%>
<%- if @ssl_stapling_verify -%>
ssl_stapling_verify on;
<%- end -%>
<%- if defined? @ssl_trusted_cert -%>
ssl_trusted_certificate <%= @ssl_trusted_cert %>;
<%- end -%>
<%- if @ssl_verify_depth -%>
ssl_verify_depth <%= @ssl_verify_depth %>;
<%- end -%>
<%- if @ssl_password_file -%>
ssl_password_file <%= @ssl_password_file %>;
<%- end -%>
<% end -%>