36 lines
624 B
JSON
36 lines
624 B
JSON
[
|
|
{
|
|
"name": "install packages",
|
|
"become": true,
|
|
"ansible.builtin.apt": {
|
|
"update_cache": true,
|
|
"pkg": [
|
|
"nginx"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"name": "generate dhparams file",
|
|
"ansible.builtin.command": "openssl dhparam -out /etc/nginx/dhparam 4096",
|
|
"args": {
|
|
"creates": "/etc/nginx/dhparam"
|
|
}
|
|
},
|
|
{
|
|
"name": "place hardening config",
|
|
"become": true,
|
|
"ansible.builtin.copy": {
|
|
"src": "ssl-hardening.conf",
|
|
"dest": "/etc/nginx/ssl-hardening.conf"
|
|
}
|
|
},
|
|
{
|
|
"name": "restart service",
|
|
"become": true,
|
|
"ansible.builtin.systemd_service": {
|
|
"state": "restarted",
|
|
"name": "nginx"
|
|
}
|
|
}
|
|
]
|
|
|