From 6bc0a3792893988978734b316fea9ecfd62829e5 Mon Sep 17 00:00:00 2001
From: Quentin
Date: Fri, 22 Jul 2022 15:37:13 +0200
Subject: [PATCH] ssl version
---
 README.md | 2 ++
 templates/stunnel.conf.j2 | 4 ++++
 2 files changed, 6 insertions(+)
diff --git a/README.md b/README.md
index 0d88975..3610518 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ Role Variables
 1. `stunnel_install_ssl_backend` (optional, default False) : determines if we want to install openssl by this role
 1. `stunnel_use_certificate` (default True) : determines if we use certificates
+1. `stunnel_sslversion` (optional): if you want to specify a ssl version
 1. `stunnel_use_psk` (default False) : determines if we use psk
 1. `stunnel_certificate_generation` (default False) : determines if this role has to generate a self signed certificate
 1. `stunnel_certificate_duration` (optional, if `stunnel_certificate_generation` is True, default 365) : self signed certificate validity duration
@@ -69,6 +70,7 @@ Example Playbook
 - name: https
 accept: 443
 connect: 80
+ stunnel_sslversion: TLSv1.2
 ```
 you may also use [PSK (Pre Shared Keys)](https://www.stunnel.org/auth.html)
diff --git a/templates/stunnel.conf.j2 b/templates/stunnel.conf.j2
index e1bcba4..fec0e86 100644
--- a/templates/stunnel.conf.j2
+++ b/templates/stunnel.conf.j2
@@ -1,6 +1,10 @@
 pid = {{ stunnel_pid }}
 output = {{ stunnel_output }}
+{% if stunnel_sslversion is defined %}
+sslVersion = {{ stunnel_sslversion }}
+{% endif %}
+
 {% if stunnel_use_certificate %}
 cert = /etc/stunnel/stunnel.pem
 {% endif -%}
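Review bot: `sslVersion = {{ stunnel_sslversion }}` in templates/stunnel.conf.j2 is rendered with no validation, so a deprecated value such as `SSLv3` or `TLSv1` set in inventory goes straight into the config, and because the directive sits in the global section it presumably becomes the default for every service defined below it. The `is defined` test also passes for an empty string, which would emit a bare `sslVersion =`; `{% if stunnel_sslversion | default('') %}` avoids that. On stunnel builds linked against OpenSSL 1.1.0 or later, `sslVersion` is documented as setting both the minimum and the maximum protocol, so the README example `TLSv1.2` would also rule out TLS 1.3; a floor such as `sslVersionMin = {{ stunnel_sslversion_min }}` (variable name is only a suggestion) is likely closer to what most users want. The README entry for `stunnel_sslversion` could list the accepted values and state that the setting applies to all services.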