Allow to configure advanced SSL options
This patch allows to configure advanced ssl options like:
ssl_crl
ssl_dhparam
ssl_stapling_responder
ssl_stapling_verify
ssl_verify_client
...and others
The whole list of options may be found in nginx/files/_ssl.conf
Theirs description:
http://nginx.org/en/docs/http/ngx_http_ssl_module.html
The 'mode' trigger is deprecated and will be removed in future together
with _ssl_normal.conf and _ssl_secure.conf. All options should be
set from reclass directly.
The following options changed theirs types (for backward compatibility
new type will be applied only when mode is set to != secure)
ssl_ciphers, ssl_ecdh_curve - was string, become list
Please read README for more details
Added kitchen tests
Related-PROD: PROD-19154
Change-Id: I03e735af6ff6794610e00d745d5a7054fb02186a
diff --git a/.kitchen.yml b/.kitchen.yml
index b657514..64dea14 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -79,4 +79,9 @@
provisioner:
pillars-from-files:
nginx.sls: tests/pillar/stats.sls
+
+ - name: proxy_with_ssl
+ provisioner:
+ pillars-from-files:
+ nginx.sls: tests/pillar/proxy_with_ssl.sls
# vim: ft=yaml sw=2 ts=2 sts=2 tw=125