Maniphest T205415

Make allowed SSL ciphers a variable
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	gabriel-wmde
	Sep 25 2018, 11:01 AM

Tags

Referenced Files

None

Subscribers

Description

Currently, the allowed SSL ciphers for the fundraising infrastructure are hard-coded in playbooks and roles. They are all the same, but it's a lot of duplication. To achieve some consistency and be able to react to deprecations fast, we should put them in a variable in the all.yml file.

Note: Investigate if the ssh-hardening role described in T221210 fulfills that task.

Related Objects

Mentioned Here: T221210: Improve SSH hardening in Ansible playbook

Event Timeline

gabriel-wmde created this task.Sep 25 2018, 11:01 AM

Restricted Application added a project: WMDE-FUN-Team. · View Herald TranscriptSep 25 2018, 11:01 AM

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

gabriel-wmde moved this task from Backlog to Technical Improvements on the WMDE-Fundraising-Tech board.Oct 19 2018, 7:19 PM

gabriel-wmde added a project: WMDE-Fundraising-CFR.Dec 19 2019, 1:17 PM

gabriel-wmde updated the task description. (Show Details)Jan 2 2020, 5:28 PM

gabriel-wmde moved this task from Backlog to Ready for Estimation on the WMDE-Fundraising-CFR board.

No longer needed with new managed infrastructure