infra/ansible
4
5
Fork 5
Code Issues 6 Pull Requests 3 Activity

nextcloud: anonymize nginx logs

Browse Source
This commit is contained in:
Markus 2021-09-30 16:08:58 +02:00
parent 75ec080860
commit ab82b09431
2 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
host_vars/nitrogen.binary-kitchen.net
View File

@ -3,3 +3,5 @@
root_keys_host: root_keys_host:
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJu4xYKnnAhXf2Fe+cI+U4EVkePw3cbPbSR4iPhY2fQf xaver@xm.1drop.de" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJu4xYKnnAhXf2Fe+cI+U4EVkePw3cbPbSR4iPhY2fQf xaver@xm.1drop.de"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGC1Cn/tEqpZKEgLzT3bGrhYibQy0bc21rtoDqm4+elZ xaver@home" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGC1Cn/tEqpZKEgLzT3bGrhYibQy0bc21rtoDqm4+elZ xaver@home"
nginx_anonymize: True

3
roles/nextcloud/templates/vhost.j2
View File

@ -27,9 +27,6 @@ server {
ssl_certificate_key /etc/nginx/ssl/{{ nextcloud_domain }}.key; ssl_certificate_key /etc/nginx/ssl/{{ nextcloud_domain }}.key;
ssl_certificate /etc/nginx/ssl/{{ nextcloud_domain }}.crt; ssl_certificate /etc/nginx/ssl/{{ nextcloud_domain }}.crt;
# TODO enable anonymized in global config
#access_log /var/log/nginx/access.log anonymized;
# Add headers to serve security related headers # Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;