move nginx snippets to global files location

3 files changed, 1 insertions, 12 deletions

diff --git a/roles/elevate/media/files/nginx-snippets/hsts.conf b/roles/elevate/media/files/nginx-snippets/hsts.conf
deleted file mode 100644
index 4ca8396e..00000000
--- a/roles/elevate/media/files/nginx-snippets/hsts.conf
+++ /dev/null
@@ -1 +0,0 @@
-add_header Strict-Transport-Security max-age=15768000;
diff --git a/roles/elevate/media/files/nginx-snippets/ssl.conf b/roles/elevate/media/files/nginx-snippets/ssl.conf
deleted file mode 100644
index d187a7c0..00000000
--- a/roles/elevate/media/files/nginx-snippets/ssl.conf
+++ /dev/null
@@ -1,10 +0,0 @@
-ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AES:!ADH:!AECDH:!MD5;
-ssl_prefer_server_ciphers on;
-
-# openssl dhparam -out /etc/ssl/certs/dhparams.pem 2048
-ssl_dhparam /etc/ssl/dhparams.pem;
-
-ssl_session_cache shared:SSL:10m;
-ssl_session_timeout 10m;
-ssl_session_tickets off;
diff --git a/roles/elevate/media/tasks/nginx.yml b/roles/elevate/media/tasks/nginx.yml
index fd1ed888..2441872a 100644
--- a/roles/elevate/media/tasks/nginx.yml
+++ b/roles/elevate/media/tasks/nginx.yml
@@ -9,7 +9,7 @@
 
 - name: install nginx config snippets
   copy:
-    src: "nginx-snippets/{{ item }}.conf"
+    src: "{{ global_files_dir }}/common/nginx-snippets/{{ item }}.conf"
     dest: /etc/nginx/snippets/
   with_items:
     - ssl