--- proxy_package_list : ['nginx','aptitude','git'] proxy_site_conf_dir : /etc/nginx/conf.d proxy_site_file : "{{ proxy_site_conf_dir }}/zen_proxy.conf" proxy_site_version : 1.8 proxy_site_revision : 20200515-172338 proxy_site_log_path : /proxy_logs proxy_site_access_log : "{{ proxy_site_log_path }}/zen_proxy.log" proxy_site_dontlog_ips : - "10.1.1.*" - "10.10.10.*" - "63.143.42.253" - "104.131.107.63" - "122.248.234.23" - "128.199.195.156" - "138.197.150.151" - "139.59.173.249" - "146.185.143.14" - "159.203.30.41" - "159.89.8.111" - "165.227.83.148" - "178.62.52.237" - "18.221.56.27" - "188.226.183.141" - "34.233.66.117" - "46.101.250.135" - "46.137.190.132" - "54.64.67.106" - "54.67.10.127" - "54.79.28.129" - "54.94.142.218" proxy_site_ssl_directory : /etc/nginx/ssl proxy_site_ssl_certificate : "{{ proxy_site_ssl_directory }}/thezengarden.net/fullchain13.pem" proxy_site_ssl_certificate_key : "{{ proxy_site_ssl_directory }}/thezengarden.net/privkey13.pem" proxy_site_ssl_certificate_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/fullchain3.pem" proxy_site_ssl_certificate_key_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/privkey3.pem" proxy_site_ssl_certificate_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/fullchain12.pem" proxy_site_ssl_certificate_key_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/privkey12.pem" proxy_site_ssl_protocols : TLSv1.2 proxy_site_ssl_ciphers : ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256 # many websites are run from an apache host # ...lets define it here to make things easier proxy_default_host : zg-lxwb04.thezengarden.net # some of our sites require uploads, and those uploads # can be rather large; lets set a default max upload size: proxy_default_max_upload: 512M # git repo vars for ssl certs ssl_repo : git@gitlab.thezengarden.net:zen/le-ssl-certs.git ssl_repo_branch : master