LibertaCasa/salt
LibertaCasa/salt
9
1
Fork 0
Code Issues 5 Pull Requests Releases Activity

Compare commits

base: LibertaCasa:c4728bc96d0283c90fc73368412f50100d702671
Branches Tags
LibertaCasa:production
LibertaCasa:change_bridges
LibertaCasa:fix/matterb-trashtgirclinks
LibertaCasa:add/matterbridge-chillnet-tgchan
LibertaCasa:mta-optional
LibertaCasa:orpheus
LibertaCasa:privatebin
LibertaCasa:bookstack
LibertaCasa:nsd
LibertaCasa:import-denc-webcluster
LibertaCasa:fix/pillar_boolquotes
..
compare: LibertaCasa:18d28c3b7fed42e29eb9ff7b11b4dd1a54f8a510
Branches Tags
LibertaCasa:production
LibertaCasa:change_bridges
LibertaCasa:fix/matterb-trashtgirclinks
LibertaCasa:add/matterbridge-chillnet-tgchan
LibertaCasa:mta-optional
LibertaCasa:orpheus
LibertaCasa:privatebin
LibertaCasa:bookstack
LibertaCasa:nsd
LibertaCasa:import-denc-webcluster
LibertaCasa:fix/pillar_boolquotes

1 Commits
c4728bc96d ... 18d28c3b7f

Author SHA1 Message Date
Georg Pfuetzenreuter
18d28c3b7f
Address salt-lint errors/warnings
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Details 
- remove trailing whitespaces
- format octal modes correctly

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
 2023-02-15 23:18:54 +01:00
2 changed files with 1 additions and 2 deletions
Show Stats Expand all files Collapse all files

1
pillar/cluster/denc/web-proxy.sls
View File

@ -78,7 +78,6 @@ nginx:
- X-Forwarded-Proto $scheme - X-Forwarded-Proto $scheme
- proxy_ssl_trusted_certificate: /etc/pki/trust/anchors/backend-ca.crt - proxy_ssl_trusted_certificate: /etc/pki/trust/anchors/backend-ca.crt
tls: tls:
# yamllint disable-line rule:line-length
- ssl_ciphers: ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 - ssl_ciphers: ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
{#- certificate snippets, to-do: merge snippets/tls include into crtkeypair #} {#- certificate snippets, to-do: merge snippets/tls include into crtkeypair #}

2
pillar/id/deriweb01_rigel_lysergic_dev.sls
View File

@ -417,7 +417,7 @@ nginx:
{{ takahe_includes() }} {{ takahe_includes() }}
- server_name: despair.life - server_name: despair.life
{{ takahe_gohome() }} {{ takahe_gohome() }}
{#- if someone clicks "Log in" on despair.life, the SAML IDP (Keycloak) would redirect back to despair.life, which breaks the session cookie originating from social.liberta.casa (Django only allows a single "cookie domain" - hence we rewrite the login endpoints to handle sessions exclusively via social.liberta.casa #} # yamllint disable-line rule:line-length {#- if someone clicks "Log in" on despair.life, the SAML IDP (Keycloak) would redirect back to despair.life, which breaks the session cookie originating from social.liberta.casa (Django only allows a single "cookie domain" - hence we rewrite the login endpoints to handle sessions exclusively via social.liberta.casa #}
{%- for talopath in ['auth', 'saml2'] %} {%- for talopath in ['auth', 'saml2'] %}
- location /{{ talopath }}: - location /{{ talopath }}:
- rewrite: ^/(.*) https://social.liberta.casa/$1 redirect - rewrite: ^/(.*) https://social.liberta.casa/$1 redirect